TROYANOSYVIRUS
Back to CVEs

CVE-2025-64056

MEDIUM
4.3

Description

File upload vulnerability in Fanvil x210 V2 2.12.20 allows unauthenticated attackers on the local network to store arbitrary files on the filesystem.

CVE Details

CVSS v3.1 Score4.3
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Attack VectorADJACENT_NETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published12/5/2025
Last Modified1/9/2026
Sourcenvd
Honeypot Sightings0

Affected Products

fanvil:x210fanvil:x210_firmware

Weaknesses (CWE)

CWE-306

References

http://fanvil.com(cve@mitre.org)
https://github.com/SpikeReply/advisories/blob/main/cve/fanvil/cve-2025-64056.md(cve@mitre.org)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.