#VU105868 Path traversal in HGW-BL1500HM - CVE-2025-27726

Cybersecurity Help s.r.o.

Published: 2025-03-19

Vulnerability identifier: #VU105868

Vulnerability risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-27726

CWE-ID: CWE-22

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
HGW-BL1500HM
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor: KDDI CORPORATION

Description

The vulnerability allows a local attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences in the file download process of the USB storage file-sharing function. An authenticated attacker with physical access can send a specially crafted HTTP request and read arbitrary files on the system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

HGW-BL1500HM: 002.002.003

External links
https://jvn.jp/en/jp/JVN04278547/index.html

Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in KDDI HGW-BL1500HM