High severityNVD Advisory· Published Oct 9, 2025· Updated Apr 15, 2026
CVE-2025-34248
CVE-2025-34248
Description
D-Link Nuclias Connect firmware versions < 1.3.1.4 contain a directory traversal vulnerability within /api/web/dnc/global/database/deleteBackup due to improper sanitization of the deleteBackupList parameter. This can allow an authenticated attacker to delete arbitrary files impacting the integrity and availability of the system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <1.3.1.4
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.