69 matches found
CVE-2025-30485
UNIX symbolic link Symlink following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files...
CVE-2025-30485
UNIX symbolic link Symlink following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files...
CVE-2025-30485
UNIX symbolic link Symlink following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files...
CVE-2025-30485
UNIX symbolic link Symlink following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files...
CVE-2025-30485
CVE-2025-30485 affects Century Systems FutureNet NXR/VXR/WXR routers. The issue arises from improper handling of symbolic link files when external storage is attached, allowing a logged-in administrator to obtain and/or destroy internal files. Affected component is the symbolic link/file handling...
CVE-2024-36491
FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allow an administrative user to execute an arbitrary OS command, obtain and/or alter sensitive information, and cause a denial-of-service DoS condition...
Improper symbolic link file handling in FutureNet NXR series, VXR series and WXR series routers
Overview FutureNet NXR series, VXR series and WXR series routers provided by Century Systems Co., Ltd. fail to properly handle symbolic link files CWE-61. Century Systems Co., Ltd. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact Attaching to the affect...
Century Systems FutureNet NXR和Century Systems FutureNet VXR 安全漏洞
Century Systems FutureNet NXR and Century Systems FutureNet VXR are both a series of routers from Century Systems Japan. A security vulnerability exists in Century Systems FutureNet NXR and Century Systems FutureNet VXR that stems from improper handling of symbolic link files, which could allow a...
PT-2025-13560 · Futurenet · Futurenet Nxr Series
Name of the Vulnerable Software and Affected Versions: FutureNet NXR series, VXR series and WXR series routers affected versions not specified Description: The issue exists due to improper handling of symbolic link files. An attacker can exploit this by attaching an external storage containing...
CVE-2025-25280
Buffer overflow vulnerability exists in FutureNet AS series Industrial Routers and FA series Protocol Conversion Machine provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may reboot the device by sending a specially crafted request...
CVE-2025-24846
Authentication bypass vulnerability exists in FutureNet AS series Industrial Routers provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may obtain the device information such as MAC address by sending a specially crafted request...
Multiple vulnerabilities in FutureNet AS series (Industrial Routers) and FA series (Protocol Conversion Machine)
Overview FutureNet AS series Industrial Routers and FA series Protocol Conversion Machine provided by Century Systems Co., Ltd. contain multiple vulnerabilities listed below. Authentication Bypass CWE-288 - CVE-2025-24846 Buffer Overflow CWE-120 - CVE-2025-25280 Chuya Hayakawa and Ryo Kamino of...
CVE-2025-25280
Buffer overflow vulnerability exists in FutureNet AS series Industrial Routers and FA series Protocol Conversion Machine provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may reboot the device by sending a specially crafted request...
CVE-2025-24846
Authentication bypass vulnerability exists in FutureNet AS series Industrial Routers provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may obtain the device information such as MAC address by sending a specially crafted request...
CVE-2025-25280
Buffer overflow vulnerability exists in FutureNet AS series Industrial Routers and FA series Protocol Conversion Machine provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may reboot the device by sending a specially crafted request...
CVE-2025-25280
CVE-2025-25280 describes a buffer overflow in Century Systems FutureNet AS series (Industrial Routers) and FA series (Protocol Conversion Machine). An unauthenticated remote attacker could reboot the device by sending a specially crafted request. Affected firmware/IDs are referenced across multip...
CVE-2025-25280
Buffer overflow vulnerability exists in FutureNet AS series Industrial Routers and FA series Protocol Conversion Machine provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may reboot the device by sending a specially crafted request...
CVE-2025-24846
Authentication bypass vulnerability exists in FutureNet AS series Industrial Routers provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may obtain the device information such as MAC address by sending a specially crafted request...
CVE-2025-24846
The CVE-2025-24846 entry describes an authentication bypass in Century Systems’ FutureNet AS series Industrial Routers (CWE-288). An unauthenticated, remote attacker could obtain device information such as MAC addresses by sending a specially crafted request. Connected sources (JVN/JPCERT, Red Ha...
CVE-2025-24846
Authentication bypass vulnerability exists in FutureNet AS series Industrial Routers provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may obtain the device information such as MAC address by sending a specially crafted request...