CVE-2025-52357 – FiberHome FD602GW-DX-R410 Router Ping Diagnostic XSS

July 10, 2025

CVE ID : CVE-2025-52357

Published : July 9, 2025, 8:15 p.m. | 7 hours, 49 minutes ago

Description : Cross-Site Scripting (XSS) vulnerability exists in the ping diagnostic feature of FiberHome FD602GW-DX-R410 router (firmware V2.2.14), allowing an authenticated attacker to execute arbitrary JavaScript code in the context of the router s web interface. The vulnerability is triggered via user-supplied input in the ping form field, which fails to sanitize special characters. This can be exploited to hijack sessions or escalate privileges through social engineering or browser-based attacks.

Severity: 4.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53624 – Docusaurus GitHub Gists Plugin Exposes Personal Access Tokens

Next Article CVE-2025-53652 – Jenkins Git Parameter Plugin Unauthorized Parameter Injection Vulnerability

Vibe Loop: AI-native reliability engineering for the real world

Docker Compose gets new features for building and running agents

Why Enterprises Are Choosing AI-Driven React.js Development Companies in 2025

Unmasking The Magic: The Wizard Of Oz Method For UX Research

How I personalized my ChatGPT conversations – why it’s a game changer

Xbox Game Pass deals ranged from “$50,000 to $50,000,000” — offering a glimpse at how much Microsoft drops on content

The Division 2’s new Brooklyn Archivist Merit Commendation was driving me INSANE — it turns out there’s a sneaky extra step you need to do first

Alan Wake 2 for Xbox Series X is on sale during Amazon Prime Day — dive into Remedy’s title that “bloodily earns its place as a horror game”

Salesforce Health Cloud Demo: Provider Search & Network Management in Action

Salesforce Health Cloud Demo: Provider Search & Network Management in Action

Oracle Cloud EPM: Transitioning to Forms 2.0, Dashboards 2.0 by October 2025

This Week in Laravel: React.js, Filament vs Laravel, and Junior Test

Xbox Game Pass deals ranged from “$50,000 to $50,000,000” — offering a glimpse at how much Microsoft drops on content

Xbox Game Pass deals ranged from “$50,000 to $50,000,000” — offering a glimpse at how much Microsoft drops on content

The Division 2’s new Brooklyn Archivist Merit Commendation was driving me INSANE — it turns out there’s a sneaky extra step you need to do first

Alan Wake 2 for Xbox Series X is on sale during Amazon Prime Day — dive into Remedy’s title that “bloodily earns its place as a horror game”

CVE-2025-52357 – FiberHome FD602GW-DX-R410 Router Ping Diagnostic XSS

Chrome Zero-Day CVE-2025-6554 Under Active Attack — Google Issues Security Update

Critical Vulnerability in Anthropic’s MCP Exposes Developer Machines to Remote Exploits

My latest hands-on could be the best value AI laptop of the summer, but I still have questions

The Rise of PWAs & On-Demand Services Powered by React Native📱

From pair to peer programmer: Our vision for agentic workflows in GitHub Copilot

Intel Unison for Windows 11 shuts down — encourages users to switch to another multi-device experience

Microsoft confirms limited Microsoft 365 app support on Windows 10 after October 2025

CVE-2025-20976 – Samsung Notes Out-of-Bounds Read Vulnerability

CVE-2025-4077 – Code-projects School Billing System Stack-Based Buffer Overflow Vulnerability

Tosca : Guidelines and Best Practices

CVE-2025-52357 – FiberHome FD602GW-DX-R410 Router Ping Diagnostic XSS

Related Posts