CVE-2025-6265

A path traversal vulnerability in the file_upload-cgi CGI program of Zyxel NWA50AX PRO firmware version 7.10(ACGE.2) and earlier could allow an authenticated attacker with administrator privileges to access specific directories and delete files, such as the configuration file, on the affected device.

CVSS v3 7.2 HIGH

7.2^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-path-traversal-vulnerability-in-aps-07-15-2025	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:zyxel:nwa50ax_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:nwa50ax:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:zyxel:nwa50ax_pro_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:nwa50ax_pro:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:zyxel:nwa55axe_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:nwa55axe:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:zyxel:nwa90ax_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:nwa90ax:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:zyxel:nwa90ax_pro_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:nwa90ax_pro:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:zyxel:nwa110ax_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:nwa110ax:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:zyxel:nwa130be_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:nwa130be:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:zyxel:nwa210ax_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:nwa210ax:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:zyxel:nwa220ax-6e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:nwa220ax-6e:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:zyxel:nwa1123ac_pro_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:nwa1123ac_pro:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:zyxel:wac500h_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:wac500h:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:zyxel:wac5302d-sv2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:wac5302d-sv2:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:zyxel:wac6103d-i_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:wac6103d-i:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND

cpe:2.3:o:zyxel:wax300h_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:wax300h:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND

cpe:2.3:o:zyxel:wax510d_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:wax510d:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND

cpe:2.3:o:zyxel:wax610d_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:wax610d:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND

cpe:2.3:o:zyxel:wax620d-6e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:wax620d-6e:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND

cpe:2.3:o:zyxel:wax630s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:wax630s:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND

cpe:2.3:o:zyxel:wax640s-6e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:wax640s-6e:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND

cpe:2.3:o:zyxel:wax650s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:wax650s:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND

cpe:2.3:o:zyxel:wax655e_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:wax655e:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND

cpe:2.3:o:zyxel:wbe530_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:wbe530:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND

cpe:2.3:o:zyxel:wbe660s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:zyxel:wbe660s:-:*:*:*:*:*:*:*

History

14 Jan 2026, 17:48

Type	Values Removed	Values Added
References	~~() https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-path-traversal-vulnerability-in-aps-07-15-2025 -~~	() https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-path-traversal-vulnerability-in-aps-07-15-2025 - Vendor Advisory
First Time		Zyxel wax640s-6e Firmware Zyxel wac5302d-sv2 Firmware Zyxel wax650s Firmware Zyxel wax610d Firmware Zyxel nwa1123ac Pro Firmware Zyxel wax620d-6e Zyxel nwa110ax Firmware Zyxel wax510d Zyxel nwa50ax Pro Firmware Zyxel wax620d-6e Firmware Zyxel wax655e Firmware Zyxel nwa90ax Pro Firmware Zyxel nwa220ax-6e Firmware Zyxel nwa220ax-6e Zyxel wax640s-6e Zyxel wac6103d-i Zyxel wax650s Zyxel wax300h Firmware Zyxel nwa50ax Firmware Zyxel nwa50ax Zyxel wbe660s Firmware Zyxel wbe660s Zyxel nwa90ax Firmware Zyxel nwa1123ac Pro Zyxel nwa210ax Firmware Zyxel wac5302d-sv2 Zyxel nwa110ax Zyxel nwa50ax Pro Zyxel wbe530 Firmware Zyxel Zyxel wbe530 Zyxel wax610d Zyxel wac500h Zyxel wax630s Firmware Zyxel nwa210ax Zyxel wac500h Firmware Zyxel wac6103d-i Firmware Zyxel nwa130be Firmware Zyxel nwa130be Zyxel wax655e Zyxel wax510d Firmware Zyxel nwa55axe Firmware Zyxel nwa55axe Zyxel wax300h Zyxel nwa90ax Zyxel wax630s Zyxel nwa90ax Pro
CPE		cpe:2.3:o:zyxel:nwa210ax_firmware:::::::: cpe:2.3:h:zyxel:nwa210ax:-:::::::* cpe:2.3:o:zyxel:wac6103d-i_firmware:::::::: cpe:2.3:o:zyxel:nwa55axe_firmware:::::::: cpe:2.3:o:zyxel:wax620d-6e_firmware:::::::: cpe:2.3:h:zyxel:wax655e:-:::::::* cpe:2.3:o:zyxel:nwa130be_firmware:::::::: cpe:2.3:h:zyxel:nwa55axe:-:::::::* cpe:2.3:h:zyxel:nwa50ax_pro:-:::::::* cpe:2.3:o:zyxel:wax640s-6e_firmware:::::::: cpe:2.3:o:zyxel:wbe530_firmware:::::::: cpe:2.3:h:zyxel:wac6103d-i:-:::::::* cpe:2.3:h:zyxel:wax510d:-:::::::* cpe:2.3:o:zyxel:wax300h_firmware:::::::: cpe:2.3:h:zyxel:nwa110ax:-:::::::* cpe:2.3:h:zyxel:nwa220ax-6e:-:::::::* cpe:2.3:o:zyxel:wac5302d-sv2_firmware:::::::: cpe:2.3:h:zyxel:nwa130be:-:::::::* cpe:2.3:h:zyxel:nwa1123ac_pro:-:::::::* cpe:2.3:h:zyxel:wax300h:-:::::::* cpe:2.3:o:zyxel:wax610d_firmware:::::::: cpe:2.3:o:zyxel:wax650s_firmware:::::::: cpe:2.3:h:zyxel:wax650s:-:::::::* cpe:2.3:o:zyxel:wbe660s_firmware:::::::: cpe:2.3:h:zyxel:wax620d-6e:-:::::::* cpe:2.3:o:zyxel:nwa50ax_firmware:::::::: cpe:2.3:o:zyxel:nwa110ax_firmware:::::::: cpe:2.3:o:zyxel:nwa50ax_pro_firmware:::::::: cpe:2.3:h:zyxel:wbe530:-:::::::* cpe:2.3:h:zyxel:wbe660s:-:::::::* cpe:2.3:o:zyxel:wax630s_firmware:::::::: cpe:2.3:h:zyxel:wac500h:-:::::::* cpe:2.3:h:zyxel:nwa90ax_pro:-:::::::* cpe:2.3:h:zyxel:nwa90ax:-:::::::* cpe:2.3:o:zyxel:wax510d_firmware:::::::: cpe:2.3:o:zyxel:nwa1123ac_pro_firmware:::::::: cpe:2.3:o:zyxel:wax655e_firmware:::::::: cpe:2.3:o:zyxel:nwa90ax_firmware:::::::: cpe:2.3:h:zyxel:nwa50ax:-:::::::* cpe:2.3:h:zyxel:wax630s:-:::::::* cpe:2.3:h:zyxel:wax640s-6e:-:::::::* cpe:2.3:h:zyxel:wax610d:-:::::::* cpe:2.3:o:zyxel:wac500h_firmware:::::::: cpe:2.3:o:zyxel:nwa220ax-6e_firmware:::::::: cpe:2.3:h:zyxel:wac5302d-sv2:-:::::::* cpe:2.3:o:zyxel:nwa90ax_pro_firmware::::::::

15 Jul 2025, 13:14

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad de path traversal en el programa CGI file_upload-cgi del firmware Zyxel NWA50AX PRO versión 7.10 (ACGE.2) y anteriores podría permitir que un atacante autenticado con privilegios de administrador acceda a directorios específicos y elimine archivos, como el archivo de configuración, en el dispositivo afectado.

15 Jul 2025, 02:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-15 02:15

Updated : 2026-01-14 17:48

NVD link : CVE-2025-6265

Mitre link : CVE-2025-6265

CVE.ORG link : CVE-2025-6265

JSON object : View

Products Affected

zyxel

wac6103d-i
wbe660s_firmware
nwa110ax
wax610d
nwa90ax
wax610d_firmware
nwa50ax_firmware
nwa50ax_pro_firmware
wax300h
nwa90ax_pro_firmware
wax640s-6e_firmware
nwa50ax
nwa210ax
wax655e_firmware
nwa1123ac_pro_firmware
wax655e
nwa220ax-6e
wax510d_firmware
wbe530
wax620d-6e_firmware
nwa130be
wbe660s
nwa130be_firmware
wax620d-6e
wac6103d-i_firmware
wax300h_firmware
wax510d
nwa55axe_firmware
wax650s_firmware
wax650s
wbe530_firmware
nwa210ax_firmware
wac5302d-sv2_firmware
nwa1123ac_pro
nwa55axe
nwa90ax_pro
wac5302d-sv2
wax630s
nwa220ax-6e_firmware
nwa110ax_firmware
nwa90ax_firmware
wac500h_firmware
wac500h
nwa50ax_pro
wax640s-6e
wax630s_firmware

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

7.2 /10