{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-002714.html",
  "dc:date": "2025-04-03T15:19+09:00",
  "dcterms:issued": "2025-03-31T16:59+09:00",
  "dcterms:modified": "2025-04-03T15:19+09:00",
  "description": "FutureNet NXR series, VXR series and WXR series routers provided by Century Systems Co., Ltd. fail to properly handle symbolic link files (CWE-61).\r\n\r\nCentury Systems Co., Ltd. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-002714.html",
  "sec:cpe": [
    {
      "#text": "cpe:/o:centurysys:futurenet_nxr",
      "@product": "FutureNet NXR series",
      "@vendor": "Century Systems Co., Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:centurysys:futurenet_vxr",
      "@product": "FutureNet VXR series",
      "@vendor": "Century Systems Co., Ltd.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/o:centurysys:futurenet_wxr",
      "@product": "FutureNet WXR series",
      "@vendor": "Century Systems Co., Ltd.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "6.2",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2025-002714",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU92821536/index.html",
      "@id": "JVNVU#92821536",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2025-30485",
      "@id": "CVE-2025-30485",
      "@source": "CVE"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/61.html",
      "@id": "CWE-61",
      "@title": "UNIX Symbolic Link (Symlink) Following(CWE-61)"
    }
  ],
  "title": "Improper symbolic link file handling in FutureNet NXR series, VXR series and WXR series routers"
}