CVE-2025-7885

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Huashengdun WebSSH versions up to 1.6.2

Description A problematic issue exists in Huashengdun WebSSH related to the Login Page component. The manipulation of the hostname/port argument can lead to cross site scripting. This issue may be exploited remotely, and the exploit has been publicly disclosed. The vendor was contacted but did not respond.

Recommendations Update Huashengdun WebSSH to a version newer than 1.6.2.

Exploit

Fix

XSS

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79CWE-94

Related Identifiers

CVE-2025-7885

GHSA-9CG4-9HV5-3376

PYSEC-2025-234

Affected Products

Huashengdun Webssh

CVE-2025-7885

Weakness Enumeration

Related Identifiers

Affected Products

References · 16