CVE-2025-6265

{"id": "CVE-2025-6265", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security@zyxel.com.tw", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2025-07-15T02:15:28.080", "references": [{"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-path-traversal-vulnerability-in-aps-07-15-2025", "tags": ["Vendor Advisory"], "source": "security@zyxel.com.tw"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@zyxel.com.tw", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "A path traversal vulnerability in the file_upload-cgi CGI program of Zyxel NWA50AX PRO firmware version 7.10(ACGE.2) and earlier could allow an authenticated attacker with administrator privileges to access specific directories and delete files, such as the configuration file, on the affected device."}, {"lang": "es", "value": "Una vulnerabilidad de path traversal en el programa CGI file_upload-cgi del firmware Zyxel NWA50AX PRO versi\u00f3n 7.10 (ACGE.2) y anteriores podr\u00eda permitir que un atacante autenticado con privilegios de administrador acceda a directorios espec\u00edficos y elimine archivos, como el archivo de configuraci\u00f3n, en el dispositivo afectado."}], "lastModified": "2026-01-14T17:48:56.863", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3ABC9DC7-6366-4362-A178-C947BAFF95FB", "versionEndIncluding": "7.10\\(abyw.1\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2806A3B3-8F13-4170-B284-8809E3502044"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nwa50ax_pro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18C579AF-58FE-4A03-A4EB-8DC84A6E5141", "versionEndIncluding": "7.10\\(acge.2\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nwa50ax_pro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F36E7DCD-08BA-4FA1-9A8E-ADE956704132"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E84DF74-7E7F-4D90-8964-F58ACC7F2120", "versionEndIncluding": "7.10\\(abzl.1\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B7440976-5CB4-40BE-95C2-98EF4B888109"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEECC3EE-7DA0-45DD-A20A-9D3D815CE341", "versionEndIncluding": "7.10\\(accv.1\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3A903978-737E-4266-A670-BC94E32CAF96"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nwa90ax_pro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D43260E4-A669-4B6E-8DD4-6BA916C62261", "versionEndIncluding": "7.10\\(acgf.2\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nwa90ax_pro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "480A495A-A4C4-4696-B500-B6333C79A28B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1563BD16-6F2E-4BC1-A7E9-23D47E05EB4F", "versionEndIncluding": "7.10\\(abtg.1\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6A3F9232-F988-4428-9898-4F536123CE88"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nwa130be_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2431CFC1-8E08-4BEF-A1C3-68958200922B", "versionEndIncluding": "7.10\\(acil.2\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nwa130be:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "782F9AB7-3464-4BFE-B502-B62CD51A8865"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E39603A1-8645-460F-9946-5B0089AB5007", "versionEndIncluding": "7.10\\(abtd.1\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1BB129F9-64D8-43C2-9366-51EBDF419F5F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11FAFF43-1A25-4FA1-8D22-344B070CD4E6", "versionEndIncluding": "7.10\\(acco.1\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6E03F755-424D-4248-9076-ED7BECEB94C5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:nwa1123ac_pro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "591809CC-8568-4B2A-8E7F-9C20897B942A", "versionEndIncluding": "6.28\\(abhd.3\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:nwa1123ac_pro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1E22C439-5846-4FCE-9E13-ED5B57338BEC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0E59BB1-C650-445A-94BA-7085FFCE4799", "versionEndIncluding": "6.70\\(abwa.6\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1A1FD502-4F62-4C77-B3BC-E563B24F0067"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:wac5302d-sv2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84A8FBD7-8461-474E-AFB1-BCAE24D4A2CD", "versionEndIncluding": "6.25\\(abvz.9\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:wac5302d-sv2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A690501F-DC2D-4F90-ABC0-33B5F1279C36"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F995DF12-42CF-4A8C-9A0C-2E6D4FA4A142", "versionEndIncluding": "6.28\\(aaxh.3\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:wac6103d-i:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "341DB051-7F01-4B36-BA15-EBC25FACB439"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:wax300h_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "880D3950-4288-4DFA-82C4-188B44C3CA37", "versionEndIncluding": "7.10\\(achf.1\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:wax300h:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C3073565-BCDF-46EA-8FB0-E9BF402A5122"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30EFFF4F-BC11-4872-87C5-315299CDDDBA", "versionEndIncluding": "7.10\\(abtf.1\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2A37A0E9-D505-4376-AB0E-1C0FD7E53A55"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A86FB93-1B01-4F65-90BD-11B934FFE6ED", "versionEndIncluding": "7.10\\(abte.1\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3518DA0A-2C7B-4979-A457-0826C921B0F0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "473FDFE9-8A6D-41B5-9CAE-445E3E6676D1", "versionEndIncluding": "7.10\\(accn.1\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2B4EBCC9-4FF9-41FC-9FFE-DBFAB239888B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF5BEFCC-974D-4A32-B35D-D849FA87D2A5", "versionEndIncluding": "7.10\\(abzd.1\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DC74AAF9-5206-4CEB-9023-6CD4F38AA623"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B8FCACC-1E6C-43E3-BC91-A55D6212A10C", "versionEndIncluding": "7.10\\(accm.1\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "20E4E9A0-DF92-47B7-94D6-0867E3171E47"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2FAEB70-44C5-4A02-909F-08A06BBA63C4", "versionEndIncluding": "7.10\\(abrm.1\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D784994E-E2CE-4328-B490-D9DC195A53DB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59687CAC-69D9-4E58-A4CF-5BCE99649A3A", "versionEndIncluding": "7.10\\(acdo.1\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "61158220-B5E8-4BF4-B2C2-E8ABFD3266CF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:wbe530_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFC38D6D-887A-4927-8D9D-561A6EC87E8C", "versionEndIncluding": "7.10\\(acle.2\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:wbe530:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3061579E-C708-42BC-86FC-B6223B941335"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4805CF6-6DE5-4638-B615-5CE412A46CA0", "versionEndIncluding": "7.10\\(acgg.2\\)"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9FC2F3A4-0598-49B0-9829-AF43C97E9E8E"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "security@zyxel.com.tw"}