Enviar #698566: SGAI N1211DS NAS v1.0.915 Improper Authenticationinformación

TítuloSGAI N1211DS NAS v1.0.915 Improper Authentication
DescripciónThe SGAI Space1 NAS (model N1211DS, firmware version v1.0.915) contains an unauthorized information disclosure vulnerability. This vulnerability is caused by lax authentication of the GET_FACTORY_INFO interface. It allows attackers to obtain sensitive information such as the remote target device's system password and Wi-Fi password in plaintext, enabling unauthorized remote attackers to log in to the remote target NAS device's backend management system.
Fuente⚠️ https://www.notion.so/2b16cf4e528a8000b30bd543247fa1bd
Usuario
 renguangyue (UID 92629)
Sumisión2025-11-20 08:14 (hace 5 meses)
Moderación2025-12-06 10:02 (16 days later)
EstadoAceptado
Entrada de VulDB334603 [SGAI Space1 NAS N1211DS hasta 1.0.915 gsaiagent /cgi-bin/JSONAPI GET_FACTORY_INFO/GET_USER_INFO escalada de privilegios]
Puntos17

AnteriorVisión De ConjuntoPróximo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!