MEDIUM🇵🇱 Wersja polska

CVE-2025-8075

CVSS 5.8v4.0pub. 2025-12-26upd. 2026-01-07

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has discovered that validation of incoming XML format request messages is inadequate. This vulnerability could allow an attacker to XSS on the user's browser. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.

CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Hanwhavision Pnm 9084qz1

    HW
    Hanwhavision
    wszystkie wersje
  • Hanwhavision Pnm 9084qz1 Firmware

    OS
    Hanwhavision
    < 2.23.00
  • Hanwhavision Pnm 9084rqz1

    HW
    Hanwhavision
    wszystkie wersje
  • Hanwhavision Pnm 9084rqz1 Firmware

    OS
    Hanwhavision
    < 2.23.00
  • Hanwhavision Pnm 9085rqz1

    HW
    Hanwhavision
    wszystkie wersje
  • Hanwhavision Pnm 9085rqz1 Firmware

    OS
    Hanwhavision
    < 2.23.00
  • Hanwhavision Pnm 9322vqp

    HW
    Hanwhavision
    wszystkie wersje
  • Hanwhavision Pnm 9322vqp Firmware

    OS
    Hanwhavision
    < 2.23.00
  • Hanwhavision Qnd C8013r

    HW
    Hanwhavision
    wszystkie wersje
  • Hanwhavision Qnd C8013r Firmware

    OS
    Hanwhavision
    < 2.22.10
  • Hanwhavision Qnd C8023r

    HW
    Hanwhavision
    wszystkie wersje
  • Hanwhavision Qnd C8023r Firmware

    OS
    Hanwhavision
    < 2.22.10
  • Hanwhavision Qne C8013rl

    HW
    Hanwhavision
    wszystkie wersje
  • Hanwhavision Qne C8013rl Firmware

    OS
    Hanwhavision
    < 2.22.10
  • Hanwhavision Qne C9013rl

    HW
    Hanwhavision
    wszystkie wersje
  • Hanwhavision Qne C9013rl Firmware

    OS
    Hanwhavision
    < 2.22.10
  • Hanwhavision Qnf 8010

    HW
    Hanwhavision
    wszystkie wersje
  • Hanwhavision Qnf 8010 Firmware

    OS
    Hanwhavision
    < 2.10.03
  • Hanwhavision Qnf C9010

    HW
    Hanwhavision
    wszystkie wersje
  • Hanwhavision Qnf C9010 Firmware

    OS
    Hanwhavision
    < 2.22.10
  • Hanwhavision Qnf C9010v

    HW
    Hanwhavision
    wszystkie wersje
  • Hanwhavision Qnf C9010v Firmware

    OS
    Hanwhavision
    < 2.22.10
  • Hanwhavision Qno C6083r

    HW
    Hanwhavision
    wszystkie wersje
  • Hanwhavision Qno C6083r Firmware

    OS
    Hanwhavision
    < 2.22.10
  • Hanwhavision Qno C8013r

    HW
    Hanwhavision
    wszystkie wersje
  • Hanwhavision Qno C8013r Firmware

    OS
    Hanwhavision
    < 2.22.10
  • Hanwhavision Qno C8023r

    HW
    Hanwhavision
    wszystkie wersje
  • Hanwhavision Qno C8023r Firmware

    OS
    Hanwhavision
    < 2.22.10
  • Hanwhavision Qno C8083r

    HW
    Hanwhavision
    wszystkie wersje
  • Hanwhavision Qno C8083r Firmware

    OS
    Hanwhavision
    < 2.22.10
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XSS
CWE
References

Related vulnerabilities

CVE-2024-54013HIGH8.7ten sam produkt

Penetration Testing engineers at Amazon have identified a security flaw related to request handling in the web...

CVE-2024-54012HIGH8.5ten sam produkt

Penetration Testing engineers at Amazon discovered a vulnerability where the camera system failed to properly ...

CVE-2023-5038HIGH8.7ten sam produkt

badmonkey, a Security Researcher has found a flaw that allows for a unauthenticated DoS attack on the camera. ...

CVE-2023-5037HIGH7.1ten sam produkt

badmonkey, a Security Researcher has found a flaw that allows for a authenticated command injection on the cam...

CVE-2023-31996HIGH8.8ten sam produkt

Hanwha IP Camera ANE-L7012R 1.41.01 is vulnerable to Command Injection due to improper sanitization of special...