CVE-2025-52357 – FiberHome FD602GW-DX-R410 Router Ping Diagnostic XSS

July 10, 2025

CVE ID : CVE-2025-52357

Published : July 9, 2025, 8:15 p.m. | 7 hours, 49 minutes ago

Description : Cross-Site Scripting (XSS) vulnerability exists in the ping diagnostic feature of FiberHome FD602GW-DX-R410 router (firmware V2.2.14), allowing an authenticated attacker to execute arbitrary JavaScript code in the context of the router s web interface. The vulnerability is triggered via user-supplied input in the ping form field, which fails to sanitize special characters. This can be exploited to hijack sessions or escalate privileges through social engineering or browser-based attacks.

Severity: 4.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53624 – Docusaurus GitHub Gists Plugin Exposes Personal Access Tokens

Next Article CVE-2025-53652 – Jenkins Git Parameter Plugin Unauthorized Parameter Injection Vulnerability

Highlights

CVE-2025-6777 – Food Distributor Site SQL Injection Vulnerability

June 27, 2025

CVE ID : CVE-2025-6777

Published : June 27, 2025, 9:15 p.m. | 1 hour, 2 minutes ago

Description : A vulnerability, which was classified as critical, has been found in code-projects Food Distributor Site 1.0. This issue affects some unknown processing of the file /admin/process_login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Microsoft donates DocumentDB to the Linux Foundation

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

68% Tech Pros Distrust AI Hiring Tools, Signaling ‘System is Fundamentally Broken’

Getting Creative With Images in Long-Form Content

Safeguarding VS Code against prompt injections

The C-Level Ticket

PERFIXION 2025: Powering AI Ideas

PERFIXION 2025: Powering AI Ideas

MongoDB Data Types

Building Cross-Platform Alerts with Laravel’s Notification Framework

Gears of War returns, Helldivers 2 jumps ship, and Xbox players win big — Xbox’s Aug 25–31 lineup proves the console war is getting interesting again

Gears of War returns, Helldivers 2 jumps ship, and Xbox players win big — Xbox’s Aug 25–31 lineup proves the console war is getting interesting again

Reports say Windows 11 update is bricking drives — is yours on the list?

Razer finally remembered I don’t live in China, so now we can all get this cool Gengar gaming headset

CVE-2025-52357 – FiberHome FD602GW-DX-R410 Router Ping Diagnostic XSS

CVE-2025-54491 – The Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

CVE-2025-54492 – Biosig Project libbiosig Stack-Based Buffer Overflow Vulnerability

Here’s how I finally cracked a tricky Linux problem with this AI terminal app

CVE-2024-7586 – GitLab EE Webhook Deletion Audit Log Authentication Credentials Disclosure

Beware of phone scams demanding money for ‘missed jury duty’

10 Strumenti GNU/Linux Poco Conosciuti per Massimizzare la Produttività al Terminale

CVE-2025-6777 – Food Distributor Site SQL Injection Vulnerability

Borderlands 4 is killing off a tired “FOMO” trend — I hope other developers follow suit

Angry Chickens 2 – Easter slingshot game tutorial

High-Severity Flaw in Kibana: Unauthorized Access Possible in Synthetic Monitoring!

CVE-2025-52357 – FiberHome FD602GW-DX-R410 Router Ping Diagnostic XSS

Related Posts