EUVD-2025-9602

Malicious code in bioql PyPI...

CVE-2025-30485

UNIX symbolic link Symlink following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files...

CVE-2025-30485

UNIX symbolic link Symlink following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files...

CVE-2025-30485

UNIX symbolic link Symlink following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files...

CVE-2025-30485

UNIX symbolic link Symlink following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files...

CVE-2025-30485

CVE-2025-30485 affects Century Systems FutureNet NXR/VXR/WXR routers. The issue arises from improper handling of symbolic link files when external storage is attached, allowing a logged-in administrator to obtain and/or destroy internal files. Affected component is the symbolic link/file handling...

Improper symbolic link file handling in FutureNet NXR series, VXR series and WXR series routers

Overview FutureNet NXR series, VXR series and WXR series routers provided by Century Systems Co., Ltd. fail to properly handle symbolic link files CWE-61. Century Systems Co., Ltd. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact Attaching to the affect...

Multiple vulnerabilities in FutureNet AS series (Industrial Routers) and FA series (Protocol Conversion Machine)

Overview FutureNet AS series Industrial Routers and FA series Protocol Conversion Machine provided by Century Systems Co., Ltd. contain multiple vulnerabilities listed below. Authentication Bypass CWE-288 - CVE-2025-24846 Buffer Overflow CWE-120 - CVE-2025-25280 Chuya Hayakawa and Ryo Kamino of...

CVE-2025-25280

Buffer overflow vulnerability exists in FutureNet AS series Industrial Routers and FA series Protocol Conversion Machine provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may reboot the device by sending a specially crafted request...

CVE-2025-25280

Buffer overflow vulnerability exists in FutureNet AS series Industrial Routers and FA series Protocol Conversion Machine provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may reboot the device by sending a specially crafted request...

CVE-2025-25280

CVE-2025-25280 describes a buffer overflow in Century Systems FutureNet AS series (Industrial Routers) and FA series (Protocol Conversion Machine). An unauthenticated remote attacker could reboot the device by sending a specially crafted request. Affected firmware/IDs are referenced across multip...

CVE-2024-50357

FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial factory default configuration. But, REST-APIs are unexpectedly enabled when the affected product is powered up, provided either http-server GUI or Web authentication ...

PT-2024-7891 · Futurenet · Futurenet Nxr Series Routers

Name of the Vulnerable Software and Affected Versions: FutureNet NXR series routers affected versions not specified Description: The issue concerns the unexpected enabling of REST-APIs in the initial configuration of FutureNet NXR series routers, provided that either http-server GUI or Web...