{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-05T16:31:06.628","vulnerabilities":[{"cve":{"id":"CVE-2025-70545","sourceIdentifier":"cve@mitre.org","published":"2026-02-04T16:16:18.510","lastModified":"2026-07-05T02:17:39.270","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stored cross-site scripting (XSS) vulnerability exists in the web management interface of the PPC (Belden) ONT 2K05X router running firmware v1.1.9_206L. The Common Gateway Interface (CGI) component improperly handles user-supplied input, allowing a remote, unauthenticated attacker to inject arbitrary JavaScript that is persistently stored and executed when the affected interface is accessed."},{"lang":"es","value":"Existe una vulnerabilidad de cross-site scripting (XSS) almacenada en la interfaz de gestión web del router PPC (Belden) ONT 2K05X que ejecuta el firmware v1.1.9_206L. El componente Common Gateway Interface (CGI) maneja incorrectamente la entrada proporcionada por el usuario, permitiendo a un atacante remoto no autenticado inyectar JavaScript arbitrario que se almacena y ejecuta persistentemente cuando se accede a la interfaz afectada."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-05T18:45:55.572861Z","id":"CVE-2025-70545","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:belden:ppc_2k05x_firmware:1.1.9_206l:*:*:*:*:*:*:*","matchCriteriaId":"8D17CB00-54CB-4A6A-B1D6-DE972CB1A909"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:belden:ppc_2k05x:-:*:*:*:*:*:*:*","matchCriteriaId":"EE35487E-A935-4B18-A818-9806E3E9DAAD"}]}]}],"references":[{"url":"https://github.com/jeyabalaji711/CVE-2025-70545","source":"cve@mitre.org","tags":["Mitigation","Third Party Advisory"]}]}}]}