Home

Description

A path traversal vulnerability has been identified in certain router models. A remote, authenticated attacker could exploit this vulnerability to write files outside the intended directory, potentially affecting device integrity. Refer to the 'Security Update for ASUS Router Firmware' section on the ASUS Security Advisory for more information.

PUBLISHED Reserved 2025-09-15 | Published 2025-11-25 | Updated 2025-11-25 | Assigner ASUS




MEDIUM: 6.9CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Product status

Default status
unaffected

3.0.0.4_386
affected

3.0.0.4_388
affected

3.0.0.6_102
affected

References

www.asus.com/security-advisory/ vendor-advisory

cve.org (CVE-2025-59372)

nvd.nist.gov (CVE-2025-59372)

Download JSON