CVE-2025-36519
Awaiting Analysis
Awaiting Analysis - Queue
BaseFortify
Publication date: 2025-06-24
Last updated on: 2026-02-03
Assigner: JPCERT/CC
Description
Description
Unrestricted upload of file with dangerous type issue exists in WRC-2533GST2, WRC-1167GST2, WRC-2533GST2, WRC-2533GS2V-B,WRC-2533GS2-B v1.69 and earlier, WRC-2533GS2-W, WRC-1167GST2, WRC-1167GS2-B, and WRC-1167GS2H-B. If a specially crafted file is uploaded by a remote authenticated attacker, arbitrary code may be executed on the product.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves an unrestricted upload of files with dangerous types in the WRC-2533GST2 and WRC-1167GST2 products. A remote authenticated attacker can upload a specially crafted file, which may lead to arbitrary code execution on the affected product.
How can this vulnerability impact me? :
If exploited, this vulnerability can allow an attacker to execute arbitrary code on the affected product, potentially compromising the system's security and integrity.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70