CVE-2025-52357

Name of the Vulnerable Software and Affected Versions: FiberHome FD602GW-DX-R410 router version V2.2.14

Description: A Cross-Site Scripting (XSS) issue exists in the ping diagnostic feature. An authenticated attacker can execute arbitrary JavaScript code within the router’s web interface. The issue is triggered by unsanitized user-supplied input in the ping form field, potentially leading to session hijacking or privilege escalation through social engineering or browser-based attacks.

Recommendations: Update to a newer version that contains a fix for this issue.