EUVD-2025-9602

Malicious code in bioql PyPI...

CVE-2025-30485

UNIX symbolic link Symlink following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files...

CVE-2025-30485

UNIX symbolic link Symlink following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files...

CVE-2025-30485

CVE-2025-30485 affects Century Systems FutureNet NXR/VXR/WXR routers. The issue arises from improper handling of symbolic link files when external storage is attached, allowing a logged-in administrator to obtain and/or destroy internal files. Affected component is the symbolic link/file handling...

CVE-2025-30485

UNIX symbolic link Symlink following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files...

CVE-2025-30485

UNIX symbolic link Symlink following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files...

Improper symbolic link file handling in FutureNet NXR series, VXR series and WXR series routers

Overview FutureNet NXR series, VXR series and WXR series routers provided by Century Systems Co., Ltd. fail to properly handle symbolic link files CWE-61. Century Systems Co., Ltd. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact Attaching to the affect...

Multiple vulnerabilities in FutureNet AS series (Industrial Routers) and FA series (Protocol Conversion Machine)

Overview FutureNet AS series Industrial Routers and FA series Protocol Conversion Machine provided by Century Systems Co., Ltd. contain multiple vulnerabilities listed below. Authentication Bypass CWE-288 - CVE-2025-24846 Buffer Overflow CWE-120 - CVE-2025-25280 Chuya Hayakawa and Ryo Kamino of...

CVE-2025-25280

Buffer overflow vulnerability exists in FutureNet AS series Industrial Routers and FA series Protocol Conversion Machine provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may reboot the device by sending a specially crafted request...

CVE-2025-25280

Buffer overflow vulnerability exists in FutureNet AS series Industrial Routers and FA series Protocol Conversion Machine provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may reboot the device by sending a specially crafted request...

CVE-2025-25280

CVE-2025-25280 describes a buffer overflow in Century Systems FutureNet AS series (Industrial Routers) and FA series (Protocol Conversion Machine). An unauthenticated remote attacker could reboot the device by sending a specially crafted request. Affected firmware/IDs are referenced across multip...

CVE-2024-50357

FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial factory default configuration. But, REST-APIs are unexpectedly enabled when the affected product is powered up, provided either http-server GUI or Web authentication ...

PT-2024-7891 · Futurenet · Futurenet Nxr Series Routers

Name of the Vulnerable Software and Affected Versions: FutureNet NXR series routers affected versions not specified Description: The issue concerns the unexpected enabling of REST-APIs in the initial configuration of FutureNet NXR series routers, provided that either http-server GUI or Web...

The vulnerability of the Telnet service of the microprogramming software for routers such as FutureNet NXR, FutureNet VXR, and FutureNet WXR allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Telnet service provided by the microprogramming software for FutureNet NXR, FutureNet VXR, and FutureNet WXR is related to insecure resource initialization. Exploiting this vulnerability can allow an attacker, operating remotely, to compromise the confidentiality,...