CNNVD-202510-1255 Information

Oct 09, 2025 cve

CNNVD ID

CNNVD-202510-1255

CVE-2025-34248

CNNVD Published: 2025-10-09

Description (Chinese)

D-Link Nuclias Connect是中国友讯（D-Link）公司的一套无线网络集中管理系统。 D-Link Nuclias Connect 1.3.1.4之前版本存在安全漏洞，该漏洞源于对deleteBackupList参数清理不当，可能导致目录遍历攻击，影响系统完整性和可用性。

Description (English)

D-Link Nuclias Connect is a centralized wireless network management system for the company D-Link. There was a security loophole in the pre-D-Link Nuclias Conect 1.3.1.4 version, which stemmed from the inappropriate clean-up of the delete BackupList parameters, which could lead to a catalogue attack, affecting the integrity and availability of the system.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

友讯

Published

2025-10-09

Last Modified

2026-02-24

References

https://www.dlink.com/en/for-business/nuclias/nuclias-connect https://www.vulncheck.com/advisories/dlink-nuclias-connect-directory-traversal-to-arbitrary-file-deletion https://access.redhat.com/security/cve/cve-2025-34248

Share on: