PT-2025-29534 · Zyxel · Zyxel Nwa50Ax Pro
Published
2025-07-15
·
Updated
2025-07-29
·
CVE-2025-6265
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Zyxel NWA50AX PRO firmware versions 7.10(ACGE.2) and earlier
Description
A path traversal vulnerability exists in the
file upload-cgi CGI program. This could allow an authenticated attacker with administrator privileges to access specific directories and delete files, such as the configuration file, on the affected device.Recommendations
Update Zyxel NWA50AX PRO firmware to a version later than 7.10(ACGE.2).
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Zyxel Nwa50Ax Pro