{"uuid": "990ebc76-3699-4af2-b5b7-33b25521c88c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21603", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/614", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21603\n\ud83d\udd39 Description: Cross-site scripting vulnerability exists in MZK-DP300N firmware versions 1.05 and earlier. If an attacker logs in to the affected product and manipulates the device settings, an arbitrary script may be executed on the logged-in user's web browser when accessing a crafted URL.\n\ud83d\udccf Published: 2025-01-08T03:30:50.390Z\n\ud83d\udccf Modified: 2025-01-08T03:30:50.390Z\n\ud83d\udd17 References:\n1. https://www.planex.co.jp/support/download/mzk-dp300n/\n2. https://jvn.jp/en/jp/JVN57428125/", "creation_timestamp": "2025-01-08T03:37:57.000000Z"}