Futurenet Nxr G060 Series
Approved changes feed: RSS · Atom
cpe:2.3:a:century_systems_co.,_ltd.:futurenet_nxr-g060_series:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Century Systems Co., Ltd. (07e59bff-8755-564a-adf1-e33cdb5b6cbc) |
|---|---|
| Product | Futurenet Nxr G060 Series (a0a53f04-77b3-52b4-b5f0-aee09db05718) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-30485 |
vulnerable | 2026-06-03 15:00:28.382698 |
Details available
MEDIUM (6.2)
UNIX symbolic link (Symlink) following issue exists in FutureNet NXR series, VXR series and WXR series routers. Attaching to the affected product an external storage containing malicious symbolic link files, a logged-in administrative user may obtain and/or destroy internal files.
Published: 2025-04-03T06:18:36.311Z
Updated: 2025-04-03T13:41:26.206Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-50357 |
vulnerable | 2026-06-03 14:57:24.039905 |
Details available
CRITICAL (9.8)
FutureNet NXR series routers provided by Century Systems Co., Ltd. have REST-APIs, which are configured as disabled in the initial (factory default) configuration. But, REST-APIs are unexpectedly enabled when the affected product is powered up, provided either http-server (GUI) or Web authentication is enabled. The factory default configuration makes http-server (GUI) enabled, which means REST-APIs are also enabled. The username and the password for REST-APIs are configured in the factory default configuration. As a result, an attacker may obtain and/or alter the affected product's settings via REST-APIs.
Published: 2024-11-29T09:06:56.251Z
Updated: 2024-12-02T18:15:27.594Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-36491 |
vulnerable | 2026-06-03 14:56:04.676510 |
Details available
FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allow an administrative user to execute an arbitrary OS command, obtain and/or alter sensitive information, and cause a denial-of-service (DoS) condition.
Published: 2024-07-17T08:50:11.777Z
Updated: 2025-04-08T20:43:36.698Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-36475 |
vulnerable | 2026-06-03 14:56:04.634704 |
Details available
FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain an active debug code vulnerability. If a user who knows how to use the debug function logs in to the product, the debug function may be used and an arbitrary OS command may be executed.
Published: 2024-07-17T08:48:33.524Z
Updated: 2024-08-02T03:37:05.246Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-31070 |
vulnerable | 2026-06-03 14:55:38.981670 |
Details available
Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allows a remote unauthenticated attacker to access telnet service unlimitedly.
Published: 2024-07-17T08:47:22.506Z
Updated: 2024-08-02T01:46:04.358Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.