CVE-2025-30485

MEDIUM Year: 2025
CVSS v3 Score
6.2
Medium
Weakness Type
CWE-61
View all →

Vulnerability Description

UNIX symbolic link (Symlink) following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files.

Related Vulnerabilities

CVE-2024-39578

MEDIUM
CVSS:6.3(Medium)

Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.1 contains a UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, l...

CWE-612024

CVE-2019-11246

MEDIUM
CVSS:6.4(Medium)

The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over th...

CWE-612019

CVE-2024-25952

MEDIUM
CVSS:6.0(Medium)

Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, ...

CWE-612024

CVE-2024-25953

MEDIUM
CVSS:6.0(Medium)

Dell PowerScale OneFS versions 9.4.0.x through 9.7.0.x contains an UNIX symbolic link (symlink) following vulnerability. A local high privileged attacker could potentially exploit this vulnerability, ...

CWE-612024

CVE-2019-16775

MEDIUM
CVSS:6.5(Medium)

Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of thenode_modules folder through the bin field upon ...

CWE-612019

CVE-2021-1145

MEDIUM
CVSS:6.5(Medium)

A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this ...

CWE-612021