Symlink Vulnerability in FutureNet Routers
CVE-2025-30485

6.2MEDIUM

Key Information:

Vendor: Century Systems Co., Ltd.
Status: Futurenet Nxr-1420; Futurenet Nxr-1300 Series; Futurenet Nxr-650; Futurenet Nxr-610x Series
Vendor: CVE Published:; 3 April 2025

🔔 Create Century Systems Co., Ltd. Vulnerability Alert

What is CVE-2025-30485?

A symlink vulnerability has been identified in FutureNet's NXR, VXR, and WXR series routers. This flaw allows an attacker to exploit the system by attaching external storage with malicious symbolic link files. If an administrative user is logged in, they may inadvertently access or overwrite internal system files, potentially leading to data loss or corruption. It is essential to address this vulnerability promptly to maintain the integrity of the network and ensure secure operations.

Affected Version(s)

FutureNet NXR-120/C

FutureNet NXR-1200

FutureNet NXR-125/CX

References

https://www.centurysys.co.jp/backnumber/common/jvnvu92821...

https://jvn.jp/en/vu/JVNVU92821536/

CVSS V3.0

Score:

6.2

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 3, 2025
Vulnerability Reserved
Mar 24, 2025