CVE-2025-30485
CVE-2025-30485
UNIX symbolic link (Symlink) following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files.
CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
Century Systems Co., Ltd. · FutureNet NXR-1200Century Systems Co., Ltd. · FutureNet NXR-120/CCentury Systems Co., Ltd. · FutureNet NXR-125/CXCentury Systems Co., Ltd. · FutureNet NXR-1300 seriesCentury Systems Co., Ltd. · FutureNet NXR-130/CCentury Systems Co., Ltd. · FutureNet NXR-1420Century Systems Co., Ltd. · FutureNet NXR-155/C-LCentury Systems Co., Ltd. · FutureNet NXR-155/C-WMCentury Systems Co., Ltd. · FutureNet NXR-155/C-XWCentury Systems Co., Ltd. · FutureNet NXR-160/LWCentury Systems Co., Ltd. · FutureNet NXR-230/CCentury Systems Co., Ltd. · FutureNet NXR-350/CCentury Systems Co., Ltd. · FutureNet NXR-530Century Systems Co., Ltd. · FutureNet NXR-610X seriesCentury Systems Co., Ltd. · FutureNet NXR-650Century Systems Co., Ltd. · FutureNet NXR-G050 seriesCentury Systems Co., Ltd. · FutureNet NXR-G060 seriesCentury Systems Co., Ltd. · FutureNet NXR-G100/FCentury Systems Co., Ltd. · FutureNet NXR-G100/NCentury Systems Co., Ltd. · FutureNet NXR-G100/SCentury Systems Co., Ltd. · FutureNet NXR-G100 seriesCentury Systems Co., Ltd. · FutureNet NXR-G100/SLCentury Systems Co., Ltd. · FutureNet NXR-G100/SLWCentury Systems Co., Ltd. · FutureNet NXR-G110 seriesCentury Systems Co., Ltd. · FutureNet NXR-G120 seriesCentury Systems Co., Ltd. · FutureNet NXR-G180/L-CACentury Systems Co., Ltd. · FutureNet NXR-G240 seriesCentury Systems Co., Ltd. · FutureNet NXR-G260 seriesCentury Systems Co., Ltd. · FutureNet NXR-G540 seriesCentury Systems Co., Ltd. · FutureNet VXR-x64Century Systems Co., Ltd. · FutureNet VXR-x86Century Systems Co., Ltd. · FutureNet WXR-250Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →