Lucene search
K

69 matches found

RedhatCVE
RedhatCVE
added 2025/04/05 6:38 a.m.37 views

CVE-2025-30485

UNIX symbolic link Symlink following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files...

6.2CVSS6.9AI score0.00284EPSS
Exploits0References1
NVD
NVD
added 2025/04/03 7:15 a.m.31 views

CVE-2025-30485

UNIX symbolic link Symlink following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files...

6.2CVSS0.00284EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/03 6:18 a.m.7 views

CVE-2025-30485

UNIX symbolic link Symlink following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files...

6.2CVSS7.1AI score0.00284EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/03 6:18 a.m.16 views

CVE-2025-30485

UNIX symbolic link Symlink following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files...

6.2CVSS0.00284EPSS
Exploits0References2
CVE
CVE
added 2025/04/03 6:18 a.m.68 views

CVE-2025-30485

CVE-2025-30485 affects Century Systems FutureNet NXR/VXR/WXR routers. The issue arises from improper handling of symbolic link files when external storage is attached, allowing a logged-in administrator to obtain and/or destroy internal files. Affected component is the symbolic link/file handling...

6.2CVSS7.1AI score0.00284EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/01 5:42 a.m.15 views

CVE-2024-36491

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allow an administrative user to execute an arbitrary OS command, obtain and/or alter sensitive information, and cause a denial-of-service DoS condition...

9.8CVSS7.5AI score0.0065EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/03/31 7:59 a.m.3 views

Improper symbolic link file handling in FutureNet NXR series, VXR series and WXR series routers

Overview FutureNet NXR series, VXR series and WXR series routers provided by Century Systems Co., Ltd. fail to properly handle symbolic link files CWE-61. Century Systems Co., Ltd. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact Attaching to the affect...

6.2CVSS6.6AI score0.00284EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/03/28 12:0 a.m.3 views

Century Systems FutureNet NXR和Century Systems FutureNet VXR 安全漏洞

Century Systems FutureNet NXR and Century Systems FutureNet VXR are both a series of routers from Century Systems Japan. A security vulnerability exists in Century Systems FutureNet NXR and Century Systems FutureNet VXR that stems from improper handling of symbolic link files, which could allow a...

6.2CVSS6.3AI score0.00284EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/03/28 12:0 a.m.5 views

PT-2025-13560 · Futurenet · Futurenet Nxr Series

Name of the Vulnerable Software and Affected Versions: FutureNet NXR series, VXR series and WXR series routers affected versions not specified Description: The issue exists due to improper handling of symbolic link files. An attacker can exploit this by attaching an external storage containing...

6.2CVSS6.3AI score0.00284EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/03/05 8:43 a.m.6 views

CVE-2025-25280

Buffer overflow vulnerability exists in FutureNet AS series Industrial Routers and FA series Protocol Conversion Machine provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may reboot the device by sending a specially crafted request...

5.3CVSS7.5AI score0.00474EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/05 8:39 a.m.6 views

CVE-2025-24846

Authentication bypass vulnerability exists in FutureNet AS series Industrial Routers provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may obtain the device information such as MAC address by sending a specially crafted request...

7.5CVSS7.1AI score0.00494EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/03/04 5:56 a.m.5 views

Multiple vulnerabilities in FutureNet AS series (Industrial Routers) and FA series (Protocol Conversion Machine)

Overview FutureNet AS series Industrial Routers and FA series Protocol Conversion Machine provided by Century Systems Co., Ltd. contain multiple vulnerabilities listed below. Authentication Bypass CWE-288 - CVE-2025-24846 Buffer Overflow CWE-120 - CVE-2025-25280 Chuya Hayakawa and Ryo Kamino of...

7.5CVSS7AI score0.00494EPSS
Exploits0References6
NVD
NVD
added 2025/03/03 9:15 a.m.6 views

CVE-2025-25280

Buffer overflow vulnerability exists in FutureNet AS series Industrial Routers and FA series Protocol Conversion Machine provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may reboot the device by sending a specially crafted request...

5.3CVSS0.00474EPSS
Exploits0References2
NVD
NVD
added 2025/03/03 9:15 a.m.7 views

CVE-2025-24846

Authentication bypass vulnerability exists in FutureNet AS series Industrial Routers provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may obtain the device information such as MAC address by sending a specially crafted request...

7.5CVSS0.00494EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/03 8:25 a.m.4 views

CVE-2025-25280

Buffer overflow vulnerability exists in FutureNet AS series Industrial Routers and FA series Protocol Conversion Machine provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may reboot the device by sending a specially crafted request...

5.3CVSS5.6AI score0.00474EPSS
Exploits0References2
CVE
CVE
added 2025/03/03 8:25 a.m.43 views

CVE-2025-25280

CVE-2025-25280 describes a buffer overflow in Century Systems FutureNet AS series (Industrial Routers) and FA series (Protocol Conversion Machine). An unauthenticated remote attacker could reboot the device by sending a specially crafted request. Affected firmware/IDs are referenced across multip...

5.3CVSS5.6AI score0.00474EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/03 8:25 a.m.11 views

CVE-2025-25280

Buffer overflow vulnerability exists in FutureNet AS series Industrial Routers and FA series Protocol Conversion Machine provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may reboot the device by sending a specially crafted request...

5.3CVSS0.00474EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/03/03 8:23 a.m.5 views

CVE-2025-24846

Authentication bypass vulnerability exists in FutureNet AS series Industrial Routers provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may obtain the device information such as MAC address by sending a specially crafted request...

7.5CVSS7.6AI score0.00494EPSS
Exploits0References2
CVE
CVE
added 2025/03/03 8:23 a.m.45 views

CVE-2025-24846

The CVE-2025-24846 entry describes an authentication bypass in Century Systems’ FutureNet AS series Industrial Routers (CWE-288). An unauthenticated, remote attacker could obtain device information such as MAC addresses by sending a specially crafted request. Connected sources (JVN/JPCERT, Red Ha...

7.5CVSS7AI score0.00494EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/03 8:23 a.m.13 views

CVE-2025-24846

Authentication bypass vulnerability exists in FutureNet AS series Industrial Routers provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may obtain the device information such as MAC address by sending a specially crafted request...

7.5CVSS0.00494EPSS
Exploits0References2
Rows per page
Query Builder