Century Systems Co Ltd Futurenet Nxr-1200 vulnerabilities
4 known vulnerabilities affecting century_systems_co_ltd/futurenet_nxr-1200.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-31070P2CRITICALCVSS 9.1vfirmware version 5.25.21 and earlier2024-07-17
CVE-2024-31070 [CRITICAL] CWE-1188 CVE-2024-31070: Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR ser
Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allows a remote unauthenticated attacker to access telnet service unlimitedly.
nvd
CVE-2024-36475P3HIGHCVSS 8.8vfirmware version 5.25.21 and earlier2024-07-17
CVE-2024-36475 [HIGH] CWE-78 CVE-2024-36475: FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain an act
FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain an active debug code vulnerability. If a user who knows how to use the debug function logs in to the product, the debug function may be used and an arbitrary OS command may be executed.
nvd
CVE-2024-36491P3CRITICALCVSS 9.8vfirmware version 5.25.21 and earlier2024-07-17
CVE-2024-36491 [CRITICAL] CWE-78 CVE-2024-36491: FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allow an admin
FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allow an administrative user to execute an arbitrary OS command, obtain and/or alter sensitive information, and cause a denial-of-service (DoS) condition.
nvd
CVE-2025-30485P4MEDIUMCVSS 6.2vN/A2025-04-03
CVE-2025-30485 [MEDIUM] CWE-61 CVE-2025-30485: UNIX symbolic link (Symlink) following issue exists in FutureNet NXR series, VXR series and WXR seri
UNIX symbolic link (Symlink) following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files.
nvd