CVE-2025-30485

Sažetak

UNIX symbolic link (Symlink) following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files.

Reference

https://jvn.jp/en/vu/JVNVU92821536/
https://www.centurysys.co.jp/backnumber/common/jvnvu92821536.html

CVSS

Base:	6.2
Impact:	5.9
Exploitability:	0.3

Pristup

Vektor	Složenost	Autentikacija
PHYSICAL	LOW	HIGH

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

07-04-2025 - 14:18

Objavljeno

03-04-2025 - 07:15