CVE-2025-24815
Received Received - Intake

Unrestricted File Upload in Nokia MantaRay NM

Publication date: 2026-06-30

Last updated on: 2026-06-30

Assigner: Nokia

Description
Nokia MantaRay NM is subject to an unrestricted file upload vulnerability due to insufficient file type validation. Successful exploitation could allow an authenticated attacker to upload malicious files onto the system.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-30
Last Modified
2026-06-30
Generated
2026-06-30
AI Q&A
2026-06-30
EPSS Evaluated
N/A
NVD
CVE-2025-24815
EUVD
EUVD-2025-210369

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
nokia mantaray_nm to 25R2-NM (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2025-24815 is an unrestricted file upload vulnerability in Nokia MantaRay NM software. It occurs because the system does not properly validate the types of files being uploaded. This flaw allows an authenticated attacker to upload malicious files onto the system.

Impact Analysis

Exploitation of this vulnerability can lead to serious security risks including compromise of confidentiality, integrity, and availability of the affected system. An attacker could upload malicious files that might execute harmful actions, potentially disrupting system operations or gaining unauthorized access.

Mitigation Strategies

To mitigate the unrestricted file upload vulnerability in Nokia MantaRay NM, you should upgrade the software to version 25R2-NM or later, where the issue has been fixed.

Ensure that only authenticated users have access to upload functionality and monitor for any suspicious file uploads.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-24815. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart