PT-2025-53346 · Riello · Riello Ups Netman 208 Application
Published
2025-12-24
·
Updated
2026-01-02
·
CVE-2025-68915
CVSS v3.1
5.5
Medium
| Vector | AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Riello UPS NetMan 208 Application versions prior to 1.12
Description
The Riello UPS NetMan 208 Application, before version 1.12, contains a cross-site scripting (XSS) issue in the
cgi-bin/loginbanner w.cgi component. This allows for the injection of malicious scripts through a crafted banner. The vulnerable component is the cgi-bin/loginbanner w.cgi script, and the vulnerable parameter is the banner content.Recommendations
Update the Riello UPS NetMan 208 Application to version 1.12 or later.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Riello Ups Netman 208 Application