CVE-2025-63354

Name of the Vulnerable Software and Affected Versions Hitron HI3120 version 7.2.4.5.2b1

Description The Hitron HI3120 device contains a flaw where it does not correctly manage input, leading to the possibility of stored cross-site scripting (XSS). This occurs through the Parental Control feature when a new filter is created. An attacker can inject and execute JavaScript code due to this improper input handling.

Recommendations Update to a newer version that contains a fix for this vulnerability.