CVE-2025-6185 Information
Jul 19, 2025
cve
Description
Leviton AcquiSuite and Energy Monitoring Hub are susceptible to a cross-site scripting vulnerability allowing an attacker to craft a malicious payload in URL parameters which would execute in a client browser when accessed by a user steal session tokens and control the service.
Reference
https://leviton.com/support/resources/product-support https://www.cisa.gov/news-events/ics-advisories/icsa-25-198-01
Related CNNVD
CNNVD-202507-2361 (Published: 2025-07-17)
Share on: