Security Advisory

CVE-2025-34248

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-09 20:43:53

Last updated 2026-05-15 11:15:39

Assigner VulnCheck

State PUBLISHED

Description

D-Link Nuclias Connect firmware versions < 1.3.1.4 contain a directory traversal vulnerability within /api/web/dnc/global/database/deleteBackup due to improper sanitization of the deleteBackupList parameter. This can allow an authenticated attacker to delete arbitrary files impacting the integrity and availability of the system.

← Browse all CVEs View on cve.org ↗