Security Advisory

CVE-2025-61871

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-10 04:52:17

Last updated 2025-10-10 18:32:49

Assigner jpcert

State PUBLISHED

Description

NAS Navigator2 Windows version by BUFFALO INC. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege.

← Browse all CVEs View on cve.org ↗