CVE-2025-60262

Published: Jan 6, 2026

Modified: Jan 6, 2026

PUBLISHED

Description

An issue in H3C M102G HM1A0V200R010 wireless controller and BA1500L SWBA1A0V100R006 wireless access point, there is a misconfiguration vulnerability about vsftpd. Through this vulnerability, all files uploaded anonymously via the FTP protocol is automatically owned by the root user and remote attackers could gain root-level control over the devices.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.notion.so/23e54a1113e780d686fbe1624ee0465d

https://www.notion.so/Misconfiguration-in-H3C-23e54a1113e780d686fbe1624ee0465d

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-60262

Description

Affected Products

References