PT-2025-13453 · Unknown · Hgw-Bl1500Hm

Published

2025-03-28

Updated

2025-03-28

CVE-2025-27932

CVSS v3.1

8.1

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions HGW-BL1500HM versions 002.002.003 and earlier

Description The issue is related to improper limitation of a pathname to a restricted directory, also known as 'Path Traversal', in the file deletion process of the USB storage file-sharing function. This could allow an attacker to delete a file on the device or cause a denial of service (DoS) condition.

Recommendations For HGW-BL1500HM versions 002.002.003 and earlier, consider disabling the USB storage file-sharing function until a patch is available to prevent potential exploitation. Restrict access to the file deletion process to minimize the risk of unauthorized file deletion or denial of service.

Fix

DoS

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2025-27932

Affected Products

Hgw-Bl1500Hm

PT-2025-13453 · Unknown · Hgw-Bl1500Hm

CVE-2025-27932

Weakness Enumeration

Related Identifiers

Affected Products

References · 7