CVE-2025-9404
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-25

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was identified in Scada-LTS up to 2.7.8.1. The affected element is an unknown function of the file /pointHierarchySLTS of the component Folder Handler. The manipulation of the argument Title leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-25
Last Modified
2026-04-29
Generated
2026-05-06
AI Q&A
2025-08-25
EPSS Evaluated
2026-05-05
NVD
CVE-2025-9404
EUVD
EUVD-2025-25655
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
scada-lts scada-lts to 2.7.8.1 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-94 The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-9404 is a Stored Cross-Site Scripting (XSS) vulnerability in Scada-LTS up to version 2.7.8.1, specifically in the Folder Handler component at the /pointHierarchySLTS endpoint. The vulnerability occurs because the 'Title' parameter is not properly validated or sanitized, allowing attackers to inject malicious scripts. These scripts are stored on the server and executed in the browsers of users who access the affected page, potentially compromising user data and system security. [1, 2]


How can this vulnerability impact me? :

This vulnerability can impact you by allowing remote attackers to execute malicious scripts in the browsers of users who visit the affected page. This can lead to compromise of user data and system security, including potential unauthorized actions performed on behalf of the user. Exploitation requires an enhanced level of authentication and user interaction, but the exploit is publicly available, making it easier to leverage. [1, 2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by testing the /pointHierarchySLTS endpoint of Scada-LTS for stored cross-site scripting (XSS) in the 'Title' parameter. A common detection method is to submit a payload such as <img src=x onerror=alert('CVEHunters-PoC-XSS')> in the 'Title' field and then access the page to see if the script executes. This confirms the presence of the vulnerability. Specific commands would depend on the environment, but using curl or a web proxy tool to POST or GET requests with the malicious payload to the /pointHierarchySLTS endpoint can help detect it. For example, a curl command to test might be: curl -X POST -d "Title=<img src=x onerror=alert('CVEHunters-PoC-XSS')>" https://target/pointHierarchySLTS [1, 2]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include avoiding use of the affected Scada-LTS version up to 2.7.8.1 or replacing the affected component or product, as no known countermeasures or mitigations currently exist. Additionally, restricting access to the vulnerable endpoint and limiting user privileges to reduce the risk of exploitation may help. Monitoring for suspicious activity and applying input validation or sanitization at the application level, if possible, could also reduce risk until a patch or update is available. [2]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart