Enviar #698568: SGAI N1211DS NAS v1.0.915 Command Injectioninformación

TítuloSGAI N1211DS NAS v1.0.915 Command Injection
DescripciónThe SGAI Space1 NAS (model N1211DS, firmware version v1.0.915) contains an unauthorized remote command execution vulnerability caused by command injection. An attacker who has not verified their identity can rename a file or directory containing a malicious command filename through the RENAME_FILEcommand interface, thereby triggering a command injection vulnerability and gaining the highest control privileges on the remote target NAS device.
Fuente⚠️ https://www.notion.so/2b16cf4e528a80858abbf62b721a54b0
Usuario
 renguangyue (UID 92629)
Sumisión2025-11-20 08:16 (hace 5 meses)
Moderación2025-12-06 10:02 (16 days later)
EstadoAceptado
Entrada de VulDB334604 [SGAI Space1 NAS N1211DS hasta 1.0.915 gsaiagent /cgi-bin/JSONAPI RENAME_FILE/OPERATE_FILE/NGNIX_UPLOAD escalada de privilegios]
Puntos17

AnteriorVisión De ConjuntoPróximo

Interested in the pricing of exploits?

See the underground prices here!