PT-2025-26692 · Unknown · Wrc-2533Gst2+1
Tien Phan
·
Published
2025-06-24
·
Updated
2026-02-03
·
CVE-2025-36519
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
WRC-2533GST2 (affected versions not specified)
WRC-1167GST2 (affected versions not specified)
Description:
The issue is related to the unrestricted upload of files with dangerous types. If a specially crafted file is uploaded by a remote authenticated attacker, arbitrary code may be executed on the product.
Recommendations:
For WRC-2533GST2, restrict access to file upload functionality to minimize the risk of exploitation.
For WRC-1167GST2, consider disabling file upload functionality until a fix is available.
As a temporary workaround, consider validating and sanitizing all uploaded files to prevent the execution of arbitrary code.
Fix
RCE
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wrc-1167Gst2
Wrc-2533Gst2