CVE-2025-61198

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Optimod versions 1.0.0.33 and 2.5.26 Optimod 5950 Optimod 5950HD Optimod 5750 Optimod 5750HD Optimod Trio

Description A stored cross-site scripting (XSS) issue exists in Optimod audio processors. This allows a remote attacker to execute arbitrary JavaScript code within a user's web browser. The attack involves injecting a malicious payload into the logs, which are then rendered in the user interface.

Recommendations Update Optimod version 1.0.0.33 to a newer version. Update Optimod version 2.5.26 to a newer version. Update Optimod 5950 to a newer version. Update Optimod 5950HD to a newer version. Update Optimod 5750 to a newer version. Update Optimod 5750HD to a newer version. Update Optimod Trio to a newer version.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-61198

Affected Products

Optimod 1.0.0.33

Optimod 2.5.26

Optimod 5750

Optimod 5750Hd

Optimod 5950

Optimod 5950Hd

Optimod Trio

CVE-2025-61198

Weakness Enumeration

Related Identifiers

Affected Products

References · 5