CVE-2025-30485

Published Apr 3, 2025

Last updated 3 days ago

CVSS medium 6.2

Overview

Description: UNIX symbolic link (Symlink) following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files.
Source: vultures@jpcert.or.jp
NVD status: Received

Risk scores

CVSS 3.0

Type: Secondary
Base score: 6.2
Impact score: 5.9
Exploitability score: 0.3
Vector string: CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity: MEDIUM

Weaknesses

vultures@jpcert.or.jp: CWE-61

Hype score: Not currently trending

CVE-2025-30485 UNIX symbolic link (Symlink) following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage … https://t.co/LLVkjTQB3h
@CVEnew
3 Apr 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

References