PT-2025-42485 · Unknown · Apeman Id71

Juliourena

Published

2025-10-16

Updated

2025-10-16

CVE-2025-11851

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Apeman ID71 version EN75.8.53.20

Description A flaw exists in Apeman ID71 EN75.8.53.20, specifically within an unknown function of the /set alias.cgi file. Manipulation of the alias argument can lead to cross site scripting. This issue is remotely exploitable, and details about the exploit have been publicly disclosed. The vendor was informed of this disclosure but did not respond.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79CWE-94

Related Identifiers

CVE-2025-11851

Affected Products

Apeman Id71

PT-2025-42485 · Unknown · Apeman Id71

CVE-2025-11851

Weakness Enumeration

Related Identifiers

Affected Products

References · 8