QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-30485

Back to search

CVE-2025-30485

Published: Apr 3, 2025

Modified: Apr 3, 2025

PUBLISHED

CVSS v3.0

6.2

MEDIUM

Description

UNIX symbolic link (Symlink) following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files.

VendorProductVersions

Century Systems Co., Ltd.

FutureNet NXR-1420

affected
firmware version 31.0.1 and earlier

Century Systems Co., Ltd.

FutureNet NXR-1300 series

affected
firmware version 7.4.12 and earlier

Century Systems Co., Ltd.

FutureNet NXR-650

affected
firmware version 21.16.5 and earlier

Century Systems Co., Ltd.

FutureNet NXR-610X series

affected
firmware version 21.14.11D and earlier

Century Systems Co., Ltd.

FutureNet NXR-530

affected
firmware version 21.11.15 and earlier

Century Systems Co., Ltd.

FutureNet NXR-350/C

affected
firmware version 5.30.9C and earlier

Century Systems Co., Ltd.

FutureNet NXR-230/C

affected
firmware version 5.30.13 and earlier

Century Systems Co., Ltd.

FutureNet NXR-160/LW

affected
firmware version 21.8.4 and earlier

Century Systems Co., Ltd.

FutureNet NXR-G540 series

affected
firmware version 21.17.0

Century Systems Co., Ltd.

FutureNet NXR-G260 series

affected
firmware version 9.12.17 and earlier

Century Systems Co., Ltd.

FutureNet NXR-G240 series

affected
firmware version 9.12.17 and earlier

Century Systems Co., Ltd.

FutureNet NXR-G180/L-CA

affected
firmware version 21.7.33 and earlier

Century Systems Co., Ltd.

FutureNet NXR-G120 series

affected
firmware version 21.15.2C1 and earlier

Century Systems Co., Ltd.

FutureNet NXR-G110 series

affected
firmware version 21.15.10 and earlier

Century Systems Co., Ltd.

FutureNet NXR-G100 series

affected
firmware version 6.23.11 and earlier

Century Systems Co., Ltd.

FutureNet NXR-G060 series

affected
firmware version 21.15.6C2 and earlier

Century Systems Co., Ltd.

FutureNet NXR-G050 series

affected
firmware version 21.12.11 and earlier

Century Systems Co., Ltd.

FutureNet VXR-x64

affected
firmware version 21.7.33 and earlier

Century Systems Co., Ltd.

FutureNet VXR-x86

affected
firmware version 10.1.5 and earlier

Century Systems Co., Ltd.

FutureNet NXR-1200

affected
N/A

Century Systems Co., Ltd.

FutureNet NXR-130/C

affected
N/A

Century Systems Co., Ltd.

FutureNet NXR-155/C-L

affected
N/A

Century Systems Co., Ltd.

FutureNet NXR-155/C-XW

affected
N/A

Century Systems Co., Ltd.

FutureNet NXR-155/C-WM

affected
N/A

Century Systems Co., Ltd.

FutureNet NXR-125/CX

affected
N/A

Century Systems Co., Ltd.

FutureNet NXR-120/C

affected
N/A

Century Systems Co., Ltd.

FutureNet NXR-G100/SLW

affected
N/A

Century Systems Co., Ltd.

FutureNet NXR-G100/SL

affected
N/A

Century Systems Co., Ltd.

FutureNet NXR-G100/S

affected
N/A

Century Systems Co., Ltd.

FutureNet NXR-G100/N

affected
N/A

Century Systems Co., Ltd.

FutureNet NXR-G100/F

affected
N/A

Century Systems Co., Ltd.

FutureNet WXR-250

affected
N/A

Weaknesses (CWE)

CWE-61

CVSS v3.0 Details

CVSS v3.0 Vector

CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Physical

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now