Description

An issue in H3C M102G HM1A0V200R010 wireless controller and BA1500L SWBA1A0V100R006 wireless access point, there is a misconfiguration vulnerability about vsftpd. Through this vulnerability, all files uploaded anonymously via the FTP protocol is automatically owned by the root user and remote attackers could gain root-level control over the devices.

INFO

Published Date :

2026-01-06T00:00:00.000Z

Last Modified :

2026-01-06T15:46:59.864Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-60262 vulnerability.

Vendors Products
H3c
  • Ba1500l
  • M102g
  • Magic Ba1500l
  • Magic Ba1500l Firmware
  • Mc102-g
  • Mc102-g Firmware
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-60262.

URL Resource
https://www.notion.so/23e54a1113e780d686fbe1624ee0465d cve-icon cve-icon
https://www.notion.so/Misconfiguration-in-H3C-23e54a1113e780d686fbe1624ee0465d cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact