#VU106237 UNIX symbolic link following in Century Systems products - CVE-2025-30485


Vulnerability identifier: #VU106237

Vulnerability risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-30485

CWE-ID: CWE-61

Exploitation vector: Local

Exploit availability: No

Vulnerable software (category for all products: Hardware solutions / Routers & switches, VoIP, GSM, etc):
FutureNet NXR-1420
FutureNet NXR-1300
FutureNet NXR-650
FutureNet NXR-610X
FutureNet NXR-530
FutureNet NXR-350/C
FutureNet NXR-230/C
FutureNet NXR-160/LW
FutureNet NXR-G540
FutureNet NXR-G260
FutureNet NXR-G240
FutureNet NXR-G180/L-CA
FutureNet NXR-G120
FutureNet NXR-G110
FutureNet NXR-G100
FutureNet NXR-G060
FutureNet NXR-G050
FutureNet VXR-x64
FutureNet VXR-x86

Vendor: Century Systems

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a symlink following issue. An administrator with physical access can create a specially crafted symbolic link to a critical file on the system and obtain or destroy internal files.

Mitigation
Install updates from the vendor's website.

Vulnerable software versions

FutureNet NXR-1420: 31.0.1

FutureNet NXR-1300: 7.4.12

FutureNet NXR-650: 21.16.5

FutureNet NXR-610X: 21.14.11D

FutureNet NXR-530: 21.11.15

FutureNet NXR-350/C: 5.30.9C

FutureNet NXR-230/C: 5.30.13

FutureNet NXR-160/LW: 21.8.4

FutureNet NXR-G540: 21.17.0

FutureNet NXR-G260: 9.12.17

FutureNet NXR-G240: 9.12.17

FutureNet NXR-G180/L-CA: 21.7.33

FutureNet NXR-G120: 21.15.2C1

FutureNet NXR-G110: 21.15.10

FutureNet NXR-G100: 6.23.11

FutureNet NXR-G060: 21.15.6C2

FutureNet NXR-G050: 21.12.11

FutureNet VXR-x64: 21.7.33

FutureNet VXR-x86: 10.1.5


External links
https://jvn.jp/en/vu/JVNVU92821536/index.html
https://www.centurysys.co.jp/backnumber/common/jvnvu92821536.html


Q & A

Can this vulnerability be exploited remotely?

No. The attacker must have physical access to the system to exploit this vulnerability.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

