1. Home
  2. CVE Database
  3. CVE-2025-8075
MEDIUM · 5.4

CVE-2025-8075

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has discovered that validation of incoming XML format request messag...

Vulnerability Description

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has discovered that validation of incoming XML format request messages is inadequate. This vulnerability could allow an attacker to XSS on the user's browser. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.

CVSS Score

5.4

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE

Affected Products

VendorProductVersions
HanwhavisionXno-8082R Firmware< 2.24.00
HanwhavisionXno-8082R-
HanwhavisionXnv-8082R Firmware< 2.24.00
HanwhavisionXnv-8082R-
HanwhavisionXnd-8082Rf Firmware< 2.24.00
HanwhavisionXnd-8082Rf-
HanwhavisionXnd-8082Rv Firmware< 2.24.00
HanwhavisionXnd-8082Rv-
HanwhavisionXnb-8002 Firmware< 2.24.00
HanwhavisionXnb-8002-
HanwhavisionPnm-9084Qz1 Firmware< 2.23.00
HanwhavisionPnm-9084Qz1-
HanwhavisionPnm-9084Rqz1 Firmware< 2.23.00
HanwhavisionPnm-9084Rqz1-
HanwhavisionPnm-9085Rqz1 Firmware< 2.23.00
HanwhavisionPnm-9085Rqz1-
HanwhavisionPnm-9322Vqp Firmware< 2.23.00
HanwhavisionPnm-9322Vqp-
HanwhavisionQnv-C9083R Firmware< 2.22.10
HanwhavisionQnv-C9083R-

Related Weaknesses (CWE)

CWE-20CWE-79

References

FAQ

What is CVE-2025-8075?

CVE-2025-8075 is a vulnerability with a CVSS score of 5.4 (MEDIUM). Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has discovered that validation of incoming XML format request messag...

How severe is CVE-2025-8075?

CVE-2025-8075 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-8075?

Check the references section above for vendor advisories and patch information. Affected products include: Hanwhavision Xno-8082R Firmware, Hanwhavision Xno-8082R, Hanwhavision Xnv-8082R Firmware, Hanwhavision Xnv-8082R, Hanwhavision Xnd-8082Rf Firmware.