{"dataType":"CVE_RECORD","cveMetadata":{"cveId":"CVE-2025-1354","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2025-02-15T15:25:20.641Z","datePublished":"2025-02-16T15:31:03.637Z","dateUpdated":"2025-03-13T06:58:15.313Z"},"containers":{"cna":{"affected":[{"defaultStatus":"affected","product":"RT-N12E","vendor":"ASUS","versions":[{"status":"affected","version":"before 2.0.0.39"}]},{"defaultStatus":"affected","product":"RT-N10E","vendor":"ASUS","versions":[{"status":"affected","version":"before 2.0.0.39"}]}],"credits":[{"lang":"en","type":"reporter","value":"Fergod (VulDB User)"}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"A cross-site scripting (XSS)  vulnerability in the RT-N10E/ RT-N12E 2.0.0.x firmware . This vulnerability caused by improper input validation and can be triggered via the manipulation of the SSID argument in the sysinfo.asp file, leading to disclosure of sensitive information. Note: All versions of RT-N10E and RT-N12E are unsupported (End-of-Life, EOL). Consumers can mitigate this vulnerability by disabling the remote access features from WAN"}],"value":"A cross-site scripting (XSS)  vulnerability in the RT-N10E/ RT-N12E 2.0.0.x firmware . This vulnerability caused by improper input validation and can be triggered via the manipulation of the SSID argument in the sysinfo.asp file, leading to disclosure of sensitive information. Note: All versions of RT-N10E and RT-N12E are unsupported (End-of-Life, EOL). Consumers can mitigate this vulnerability by disabling the remote access features from WAN"}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":4.8,"baseSeverity":"MEDIUM","privilegesRequired":"HIGH","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"PASSIVE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N","version":"4.0","vulnAvailabilityImpact":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-79","description":"CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"54bf65a7-a193-42d2-b1ba-8e150d3c35e1","shortName":"ASUS","dateUpdated":"2025-03-13T06:58:15.313Z"},"references":[{"name":"VDB-295962 | Asus RT-N12E sysinfo.asp cross site scripting","tags":["vdb-entry","technical-description"],"url":"https://vuldb.com/?id.295962"},{"name":"VDB-295962 | CTI Indicators (IOB, IOC, TTP, IOA)","tags":["signature","permissions-required"],"url":"https://vuldb.com/?ctiid.295962"},{"name":"Submit #496013 | ASUS RT-N12E 2.0.0.19 Cross Site Scripting","tags":["third-party-advisory"],"url":"https://vuldb.com/?submit.496013"},{"tags":["product"],"url":"https://www.asus.com/supportonly/rt-n10e/helpdesk_bios/"},{"tags":["product"],"url":"https://www.asus.com/supportonly/rt-n12e/helpdesk_bios/"}],"source":{"discovery":"UNKNOWN"},"timeline":[{"lang":"en","time":"2025-02-15T00:00:00.000Z","value":"Advisory disclosed"},{"lang":"en","time":"2025-02-15T01:00:00.000Z","value":"VulDB entry created"},{"lang":"en","time":"2025-02-15T16:30:00.000Z","value":"VulDB entry last update"}],"x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-02-18T21:40:03.949880Z","id":"CVE-2025-1354","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-02-18T21:40:17.047Z"}}]},"dataVersion":"5.1"}