CVE-2025-58152_CVE-2025-58152

5.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Description

FutureNet MA and IP-K series provided by Century Systems Co., Ltd. put the firmware version and the garbage collection information on the internal web page. With some crafted HTTP request, they can be accessed without authentication.

Basic Information

ID CVE-2025-58152

Source jpcert

Published Oct 31, 2025 at 05:55

Affected Product

Vendor Century Systems Co., Ltd.

Product FutureNet MA-X series

Version from 6.0.0 to 6.4.1

Affected Versions Century Systems Co., Ltd. FutureNet MA-X series from 6.0.0 to 6.4.1
Century Systems Co., Ltd. FutureNet MA-E300 series from 5.0.0 to 6.2.1
Century Systems Co., Ltd. FutureNet MA-S series from 5.0.0 to 6.4.0
Century Systems Co., Ltd. FutureNet MA-P series from 5.0.0 to 6.4.0
Century Systems Co., Ltd. FutureNet IP-K series from 2.0.0 to 2.2.1

CWE Classification

CWE-552

References

{
    "lastseen": "",
    "description": "FutureNet MA and IP-K series provided by Century Systems Co., Ltd. put the firmware version and the garbage collection information on the internal web page. With some crafted HTTP request, they can be accessed without authentication.",
    "published": "2025-10-31T05:55:02.996Z",
    "modified": "2025-10-31T05:55:02.996Z",
    "type": "cve",
    "title": "CVE-2025-58152",
    "source": "jpcert",
    "references": "https://www.centurysys.co.jp/backnumber/common/jvnvu98191201.html\nhttps://jvn.jp/en/vu/JVNVU98191201/",
    "id": "CVE-2025-58152",
    "bulletinFamily": "",
    "cwe": [
        "CWE-552"
    ],
    "cvelist": null,
    "sourceData": "Century Systems Co., Ltd. FutureNet MA-X series from 6.0.0 to 6.4.1\nCentury Systems Co., Ltd. FutureNet MA-E300 series from 5.0.0 to 6.2.1\nCentury Systems Co., Ltd. FutureNet MA-S series from 5.0.0 to 6.4.0\nCentury Systems Co., Ltd. FutureNet MA-P series from 5.0.0 to 6.4.0\nCentury Systems Co., Ltd. FutureNet IP-K series from 2.0.0 to 2.2.1",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FutureNet MA-X series",
    "version": "from 6.0.0 to 6.4.1",
    "vendor": "Century Systems Co., Ltd.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}