Path Traversal Vulnerability in ASUS Routers
CVE-2025-59372

6.9MEDIUM

Key Information:

Vendor: Asus
Status: Router
Vendor: CVE Published:; 25 November 2025

What is CVE-2025-59372?

A path traversal vulnerability has been discovered in specific ASUS router models that allows remote, authenticated attackers to manipulate files outside the designated directory. This exploit can compromise the integrity of the router, leading to potential unauthorized access to sensitive system files. Network administrators must implement the recommended security updates and follow best practices to safeguard their devices.

Affected Version(s)

Router 3.0.0.4_386

Router 3.0.0.4_388

Router 3.0.0.6_102

References

https://www.asus.com/security-advisory/

vendor-advisory

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 25, 2025
Vulnerability Reserved
Sep 15, 2025

JSON

Asus

What is CVE-2025-59372?

Affected Version(s)

References

CVSS V4

Timeline