CVE-2025-14701

Name of the Vulnerable Software and Affected Versions Crafty Controller (affected versions not specified)

Description A flaw exists in the Server MOTD component of Crafty Controller that allows a remote, unauthenticated attacker to inject malicious code through modification of the server MOTD. This is a stored cross-site scripting (XSS) issue. The vulnerability is due to insufficient input validation, allowing an attacker to manipulate the server message of the day. The attack vector involves unauthenticated input manipulation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.