[Japanese] | |
JVNDB-2025-002714 | |
Improper symbolic link file handling in FutureNet NXR series, VXR series and WXR series routers | |
Overview | |
FutureNet NXR series, VXR series and WXR series routers provided by Century Systems Co., Ltd. fail to properly handle symbolic link files (CWE-61). | |
CVSS Severity (What is CVSS?) | |
CVSS V3 Severity:
Base Metrics 6.2 (Medium) [Other]
| |
Affected Products | |
| |
Century Systems Co., Ltd. | |
As for the details of affected product names, models, and versions, refer to the information provided by the developer. | |
Impact | |
Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files. | |
Solution | |
[Update the firmware] | |
Vendor Information | |
Century Systems Co., Ltd. | |
CWE (What is CWE?) | |
| |
CVE (What is CVE?) | |
| |
References | |
| |
Revision History | |
|
Date Public | 2025/03/28 |
Date First Published | 2025/03/31 |
Date Last Updated | 2025/04/03 |