CVE-2025-25685

Name of the Vulnerable Software and Affected Versions GL-INet Beryl AX GL-MT3000 version 4.7.0

Description An issue was discovered in the device, allowing attackers to download arbitrary files from the device's file system. This is achieved by adding symbolic links on an external drive used as a Samba share.

Recommendations For GL-INet Beryl AX GL-MT3000 version 4.7.0, consider disabling the Samba share feature until a patch is available to prevent attackers from downloading arbitrary files. Restrict access to the device's file system to minimize the risk of exploitation. Avoid using external drives with symbolic links in the Samba share configuration until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.