CVE-2025-27718

NONE EPSS 51.9%
Published Mar 28, 20251y ago · Modified Jun 17, 20261w ago
Find Similar
Published Mar 28, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in the file upload process of the USB storage file-sharing function of HGW-BL1500HM Ver 002.002.003 and earlier. If this vulnerability is exploited, the product's files may be obtained and/or altered or arbitrary code may be executed by a crafted HTTP request to specific functions of the product from a device connected to the LAN side.

Threat Intelligence

EPSS Exploit Probability
51.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-22 Path Traversal Resource Mgmt

References 2

  • jvn.jp https://jvn.jp/en/jp/JVN04278547/
  • kddi-tech.com https://kddi-tech.com/contents/appendix_L2_06.html#64433e4a-8946-9c06-bddf-91cbfe56c8e5

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.