Vx800v Firmware
CVE-2025-15541
MEDIUM
Severity by source
AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Lifecycle Timeline
2DescriptionCVE.org
Improper link resolution in the VX800v v1.0 SFTP service allows authenticated adjacent attackers to use crafted symbolic links to access system files, resulting in high confidentiality impact and limited integrity risk.
AnalysisAI
Improper link resolution in the VX800v v1.0 SFTP service allows authenticated adjacent attackers to use crafted symbolic links to access system files, resulting in high confidentiality impact and limited integrity risk. [CVSS 6.3 MEDIUM]
Technical ContextAI
Classified as CWE-59 (Improper Link Resolution Before File Access). Affects the VX800v v1.0 SFTP component of Vx800V Firmware. Improper link resolution in the VX800v v1.0 SFTP service allows authenticated adjacent attackers to use crafted symbolic links to access system files, resulting in high confidentiality impact and limited integrity risk.
RemediationAI
Monitor vendor advisories for a patch.
More in Vx800v Firmware
View allVx800V Firmware contains a vulnerability that allows attackers to high impact to confidentiality, integrity, and availab
Some VX800v v1.0 web interface endpoints transmit sensitive information over unencrypted HTTP due to missing application
Improper handling of exceptional conditions in VX800v v1.0 in SIP processing allows an attacker to flood the device with
Improper link resolution in USB HTTP access path in VX800v v1.0 allows a crafted USB device to expose root filesystem co
Same weakness CWE-59 – Improper Link Resolution Before File Access
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today