CNNVD-202507-2009 Information

CNNVD ID

CNNVD-202507-2009

Related CVE

CVE-2025-6265

• CNNVD Published: 2025-07-15

Description (Chinese)

Zyxel NWA50AX PRO是中国合勤（Zyxel）公司的一款无线路由器。 Zyxel NWA50AX PRO 7.10(ACGE.2)及之前版本存在路径遍历漏洞，该漏洞源于file_upload-cgi CGI程序存在路径遍历，可能导致删除配置文件。

Description (English)

Zyxel NWA50AX PRO is a wireless router of Zyxel China. Zyxel NWA50AX PRO 7.10 (ACGE.2) and previous versions have path-to-path loopholes, which stem from the history of file upload-cgi CGI, which may lead to the deletion of the configuration file.

Hazard Level

Medium

Vulnerability Type

路径遍历

Affected Vendor

合勤

Published

2025-07-15

Last Modified

2026-02-24

References

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-path-traversal-vulnerability-in-aps-07-15-2025 https://nvd.nist.gov/vuln/detail/CVE-2025-6265

Patch

https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-path-traversal-vulnerability-in-aps-07-15-2025