CVE-2025-52378 – Nexxt Solutions NCM-X1800 Mesh Router Cross-Site Scripting (XSS)

July 15, 2025

CVE ID : CVE-2025-52378

Published : July 15, 2025, 3:15 p.m. | 1 hour, 19 minutes ago

Description : Cross-Site Scripting (XSS) vulnerability in Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below allowing attackers to inject JavaScript code that is executed in the context of administrator sessions when viewing the device management page via the DEVICE_ALIAS parameter to the /web/um_device_set_aliasname endpoint.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6973 – SOLIDWORKS eDrawings JT File After Free Vulnerability

Next Article CVE-2025-6972 – SOLIDWORKS eDrawings After Free Code Execution Vulnerability

Highlights

CVE-2025-6911 – PHPGurukul Student Record System SQL Injection Vulnerability

June 30, 2025

CVE ID : CVE-2025-6911

Published : June 30, 2025, 3:15 p.m. | 2 hours, 26 minutes ago

Description : A vulnerability was found in PHPGurukul Student Record System 3.2. It has been declared as critical. This vulnerability affects unknown code of the file /manage-subjects.php. The manipulation of the argument del leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

In-House vs Outsourcing for React.js Development: Understand What Is Best for Your Enterprise

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Kong AI Gateway 3.11 introduces new method for reducing token costs

Native vs hybrid vs cross-platform: Resolving the trilemma

You’ll soon be able to chat with Copilot and attend Teams meetings while driving your Mercedes-Benz — now there’s no excuse to miss your meetings

Intel is laying off thousands of US workers in AI restructuring — CEO Lip-Bu Tan says it’s “too late” to catch up with the competition

Elon Musk says “We need more babies” — then creates digital girlfriends so you actually won’t go out and make any babies

I don’t play my handheld gaming PCs without this $10 accessory — Here’s why it’s a must-have for anyone who owns an ROG Ally, Steam Deck, or Legion Go

PHP 8.5.0 Alpha 2 available for testing

PHP 8.5.0 Alpha 2 available for testing

The details of TC39’s last meeting

Postgres RAG Stack: Embedding, Chunking & Vector Search

You’ll soon be able to chat with Copilot and attend Teams meetings while driving your Mercedes-Benz — now there’s no excuse to miss your meetings

You’ll soon be able to chat with Copilot and attend Teams meetings while driving your Mercedes-Benz — now there’s no excuse to miss your meetings

Intel is laying off thousands of US workers in AI restructuring — CEO Lip-Bu Tan says it’s “too late” to catch up with the competition

Elon Musk says “We need more babies” — then creates digital girlfriends so you actually won’t go out and make any babies

CVE-2025-52378 – Nexxt Solutions NCM-X1800 Mesh Router Cross-Site Scripting (XSS)

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

As Bill Gates says AI will replace white-collar jobs, one expert says two professions are on the chopping block

Capturing API Requests from Postman Using JMeter

Making Animations Smarter with Data Binding: Creating a Dynamic Gold Calculator in Rive

Compare Collection Keys with Laravel’s diffKeys Method

CVE-2025-6911 – PHPGurukul Student Record System SQL Injection Vulnerability

From idea to PR: A guide to GitHub Copilot’s agentic workflows

CVE-2025-47733 – Microsoft Power Apps SSRF Vulnerability

CVE-2025-46723 – OpenVM AUIPC Instruction Overflow Vulnerability

CVE-2025-52378 – Nexxt Solutions NCM-X1800 Mesh Router Cross-Site Scripting (XSS)

Related Posts