Cross Site Scripting Vulnerability in Intelbras WRN 150 Wireless Component
CVE-2025-3157

4.8MEDIUM

Key Information:

Vendor

Intelbras

Status
Wrn 150
Vendor
CVE Published:
3 April 2025

What is CVE-2025-3157?

A cross site scripting (XSS) vulnerability has been identified in the Wireless Menu component of Intelbras WRN 150 devices, specifically version 1.0.15_pt_ITB01. This flaw allows for the manipulation of the SSID argument, which could be exploited remotely by attackers to execute arbitrary scripts in the context of the user’s browser. The exploit details are publicly available, emphasizing the importance of prompt remediation. Users are advised to upgrade to the latest version provided by Intelbras, which does not contain this vulnerability.

Affected Version(s)

WRN 150 1.0.15_pt_ITB01

References

https://vuldb.com/?id.303101
vdb-entrytechnical-description
https://vuldb.com/?ctiid.303101
signaturepermissions-required
https://vuldb.com/?submit.501902
third-party-advisory

CVSS V4

Score:
4.8
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Fergod (VulDB User)
.