CVE-2025-67448EPSS p9.4%

CVE-2025-67448CVE-2025-67448

Description

The SMS module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable to stored XSS. The application does not properly sanitize user input in SMS messages before storing and displaying them. An attacker can send an SMS containing a malicious XSS payload, which will be executed in the context of the victim's browser when the message is viewed.

Scoring

CVSS 7.1 ()
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
EPSS0.20% probability of exploitation · percentile 9.4% · 2026-06-19T12:03:05Z
Last modified2026-06-04

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-67447
CVE
CVE-2025-69755
CVE
CVE-2025-67446
CVE
CVE-2026-6824
CVE
CVE-2025-45841
CVE
CVE-2025-64054
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.