CVE-2025-27718

Name of the Vulnerable Software and Affected Versions HGW-BL1500HM versions 002.002.003 and earlier

Description A Path Traversal issue exists in the file upload process of the USB storage file-sharing function. This issue can be exploited by sending a crafted HTTP request to specific functions of the product from a device connected to the LAN side, potentially allowing attackers to obtain and/or alter the product's files or execute arbitrary code.

Recommendations For HGW-BL1500HM versions 002.002.003 and earlier, consider disabling the USB storage file-sharing function until a patch is available to prevent potential exploitation. Restrict access to the LAN side to minimize the risk of exploitation. Avoid using the file upload process in the USB storage file-sharing function until the issue is resolved.