Is there a public PoC exploit available for CVE-2025-7885?

Yes, a public proof-of-concept exploit is available for CVE-2025-7885. Prioritise patching immediately. EPSS: 0.1%.

Is there a patch available for CVE-2025-7885?

Yes, a patch is available for CVE-2025-7885. Update the affected software to the latest version immediately.

Huashengdun WebSSH CVE-2025-7885

Q: What is the CVSS score of CVE-2025-7885?

CVE-2025-7885 has a CVSS 4.0 base score of 2.1 (Low). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.1%.

LOW

Cross-site Scripting (XSS) (CWE-79)

2025-07-20 cna@vuldb.com

XSS Webssh

2.1

CVSS 4.0 · NVD

Severity by source

NVD PRIMARY

2.1 LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

Scope

Lifecycle Timeline

Analysis Generated

Apr 29, 2026 - 01:24 vuln.today

Blast Radius

ecosystem impact

† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth

3 pypi packages depend on webssh (3 direct, 0 indirect)

Ecosystem-wide dependent count for version 1.6.3.

DescriptionCVE.org

A vulnerability, which was classified as problematic, has been found in Huashengdun WebSSH up to 1.6.2. Affected by this issue is some unknown functionality of the component Login Page. The manipulation of the argument hostname/port leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Reflected cross-site scripting in Huashengdun WebSSH up to version 1.6.2 allows remote attackers to inject malicious scripts via the hostname or port parameters on the login page, requiring user interaction to trigger. The vulnerability has a low CVSS score of 2.1 due to user interaction requirement and limited impact (integrity only), but publicly available exploit code exists and the vendor has not responded to disclosure attempts.

Technical ContextAI

The vulnerability exists in the login page component of WebSSH, where unsanitized user input from the hostname and port parameters is reflected back in the HTTP response without proper encoding. This is a classic reflected XSS vulnerability (CWE-79) where an attacker can craft a malicious URL containing JavaScript payloads in the hostname or port fields. The vulnerability affects all versions through 1.6.2 of the Huashengdun WebSSH application (CPE:2.3:a:huashengdun:webssh:*:*:*:*:*:*:*:*), which is a web-based SSH client typically used for remote terminal access via browsers.

RemediationAI

Upgrade Huashengdun WebSSH to a version released after 1.6.2 that addresses the input sanitization in the hostname and port parameters. Consult the GitHub issue at https://github.com/huashengdun/webssh/issues/410 for the exact patched version number. As a compensating control, implement a Web Application Firewall (WAF) rule to block requests containing script-like patterns (e.g., <script>, javascript:) in the hostname or port query parameters; this may require tuning to avoid false positives on valid hostnames. Additionally, configure Content Security Policy (CSP) headers on the login page to disallow inline script execution and restrict script sources, reducing the impact of any injected payloads that bypass input validation. Network-level controls such as blocking access to the WebSSH login page from untrusted networks can reduce attack surface but may impact legitimate remote access scenarios.

CVE-2025-7885 vulnerability details – vuln.today

Back