CVE-2025-70545

Published: Feb 4, 2026

Modified: Feb 5, 2026

PUBLISHED

Description

A stored cross-site scripting (XSS) vulnerability exists in the web management interface of the PPC (Belden) ONT 2K05X router running firmware v1.1.9_206L. The Common Gateway Interface (CGI) component improperly handles user-supplied input, allowing a remote, unauthenticated attacker to inject arbitrary JavaScript that is persistently stored and executed when the affected interface is accessed.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://ppc.com

https://github.com/jeyabalaji711/CVE-2025-70545

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-70545

Description

Affected Products

References