CVE-2025-59372 โ€” Path Traversal in Router

CWE-22 โ€” Path Traversal3 documents3 sources
Severity
6.9MEDIUMNVD
EPSS
0.4%
top 41.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Asus Router
Timeline
PublishedNov 25

Description

A path traversal vulnerability has been identified in certain router models. A remote, authenticated attacker could exploit this vulnerability to write files outside the intended directory, potentially affecting device integrity. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Affected Packages1 packages

โ–ถCVEListV5asus/router3.0.0.4_386, 3.0.0.4_388, 3.0.0.6_102+2

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-5c6f-f3p9-5w4q: A path traversal vulnerability has been identified in certain router modelsโ†—2025-11-25
โ–ถ
CVEList
CVE-2025-59372: A path traversal vulnerability has been identified in certain router modelsโ†—2025-11-25
โ–ถ
CVE-2025-59372 โ€” Path Traversal in Asus Router | cvebase