CVE-2025-58152 MEDIUM

CVE-2025-58152

Vendor Century Systems Co., Ltd.
Product FutureNet MA-X series
Weakness CWE-552 · Files accessible externally
Published October 31, 2025
Last update October 31, 2025
View on NVD All CVEs

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

FutureNet MA and IP-K series provided by Century Systems Co., Ltd. put the firmware version and the garbage collection information on the internal web page. With some crafted HTTP request, they can be accessed without authentication.

Key dates

02Disclosure timeline

October 31, 2025 CVE published
October 31, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2022-39208 Git Repository Disclosure in Onedev CVE-2025-0620 Samba: smbd doesn't pick up group membership changes when re-authenticating an expired smb session CVE-2025-14442 Secure Copy Content Protection and Content Locking <= 4.9.2 - Unauthenticated Sensitive Information Exposure via Exposed CSV Export File CVE-2023-32226 Sysaid - CWE-552: Files or Directories Accessible to External Parties CVE-2025-1042 Files or Directories Accessible to External Parties in GitLab