CVE-2025-0220 | Trimble SPS851 488.01 Ethernet Configuration Menu Hostname cross site scripting

A vulnerability, which was classified as problematic, was found in Trimble SPS851 488.01. This affects an unknown part of the component Ethernet Configuration Menu. The manipulation of the argument Hostname leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-0220. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-0220 | Trimble SPS851 488.01 Ethernet Configuration Menu Hostname cross site scripting

Post correlati

CVE-2023-48245 | Rexroth Nexo Cordless Nutrunner up to V1500-SP2 HTTP Request authorization

CVE-2024-51500 | Meshtastic Firmware up to 2.5.5 special element (GHSA-xfmq-5j3j-vgv8)

CVE-2024-47415 | Adobe Animate up to 23.0.7/24.0.4 use after free (apsb24-76)

CVE-2024-11410 | Top and Footer Bars for Announcements, Notifications, Advertisements, Promotions Plugin cross site scripting