5ulfur/security-advisories

Releases0

My security advisories

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-65349 ↗	Jan 15, 2026Thursday, 15 January 2026, 20:16	5.4 MEDIUM	—
A Stored Cross-Site Scripting (XSS) vulnerability in Web management interface in Each Italy Wireless Mini Router WIRELESS-N 300M v28K.MiniRouter.20190211 allows attackers to execute arbitrary scripts via a crafted payload due to unsanitized repeater AP SSID value when is displayed in any page at /index.htm.
CVE-2025-63423 ↗	Oct 30, 2025Thursday, 30 October 2025, 20:15	7.5 HIGH	—
Each Italy Wireless Mini Router WIRELESS-N 300M v28K.MiniRouter.20190211 was discovered to store the Administrator password.
CVE-2025-63422 ↗	Oct 30, 2025Thursday, 30 October 2025, 19:16	7.5 HIGH	—
Incorrect access control in the Web management interface in Each Italy Wireless Mini Router WIRELESS-N 300M v28K.MiniRouter.20190211 allows attackers to arbitrarily change the administrator username and password via sending a crafted GET request.