How to fix CVE-2025-2213?

During next maintenance window: Apply vendor patches when convenient. Verify cross-site scripting controls are in place.

Is Castlenet CBW383G2N affected by CVE-2025-2213?

CVE-2025-2213 is a low-severity vulnerability in Castlenet CBW383G2N involving cross-site scripting (CVSS 2.4). The limited severity suggests constrained impact, typically requiring specific conditions or local access for exploitation.

Castlenet CBW383G2N CVE-2025-2213

LOW

Cross-site Scripting (XSS) (CWE-79)

2025-03-11 [email protected]

XSS

2.4

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 19:52 vuln.today

CVE Published

Mar 11, 2025 - 23:15 nvd

LOW 2.4

DescriptionNVD

A vulnerability was found in Castlenet CBW383G2N up to 20250301. It has been declared as problematic. This vulnerability affects unknown code of the file /wlanPrimaryNetwork.asp of the component Wireless Menu. The manipulation of the argument SSID with the input <img/src/onerror=prompt(8)> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

A vulnerability was found in Castlenet CBW383G2N versions up to 20250301. is affected by cross-site scripting (xss) (CVSS 2.4).

Technical ContextAI

This vulnerability (CWE-79: Cross-site Scripting (XSS)) affects A vulnerability was found in Castlenet CBW383G2N. was found in Castlenet CBW383G2N up to 20250301. It has been declared as problematic. This vulnerability affects unknown code of the file /wlanPrimaryNetwork.asp of the component Wireless Menu. The manipulation of the argument SSID with the input <img/src/onerror=prompt(8)> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosu

Affected ProductsAI

Product: A vulnerability was found in Castlenet CBW383G2N. Versions: up to 20250301..

RemediationAI

Monitor vendor advisories for a patch. Implement output encoding and Content Security Policy headers. Restrict network access to the affected service where possible.

CVE-2025-2213 vulnerability details – vuln.today

Back