github · notdenied · Oct 26, 2025
diff --git a/advisories/unreviewed/2025/10/GHSA-82pw-p4cc-5522/GHSA-82pw-p4cc-5522.json b/advisories/unreviewed/2025/10/GHSA-82pw-p4cc-5522/GHSA-82pw-p4cc-5522.json
@@ -1,24 +1,52 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-82pw-p4cc-5522",
-  "modified": "2025-10-23T18:31:14Z",
+  "modified": "2025-10-23T18:32:22Z",
   "published": "2025-10-23T15:30:34Z",
   "aliases": [
     "CVE-2025-56008"
   ],
+  "summary": "XSS in KeeneticOS before 4.3 at \"Wireless ISP\" page",
   "details": "Cross site scripting (XSS) vulnerability in KeeneticOS before 4.3 at \"Wireless ISP\" page allows attackers located near to the router to takeover the device via adding additional users with full permissions.",
   "severity": [
     {
       "type": "CVSS_V3",
-      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
+    }
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "Pub",
+        "name": "KeeneticOS"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "4.3+"
+            }
+          ]
+        }
+      ],
+      "database_specific": {
+        "last_known_affected_version_range": "<= 4.3"
+      }
     }
   ],
-  "affected": [],
   "references": [
     {
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-56008"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/notdenied/writeups/blob/main/CVE/CVE-2025-56008.md"
+    },
     {
       "type": "WEB",
       "url": "https://keenetic.com"