| Título | Ugreen NAS DH2100+ V5.3.0 Incorrect Access Control |
|---|
| Descripción | A vulnerability exists in UGREEN NAS devices that allows for the leakage and modification of arbitrary files within the system. This vulnerability stems from lax checks on symbolic links within external USB devices. An attacker could create symbolic links to arbitrary files on a USB device and insert them into the NAS device, thereby gaining access to or modifying the corresponding files within the system through the UGREEN NAS client, compromising confidentiality and integrity. |
|---|
| Fuente | ⚠️ https://www.notion.so/2bc6cf4e528a8083bf3fc6f7a953f0a1 |
|---|
| Usuario | rgyue (UID 92984) |
|---|
| Sumisión | 2025-12-02 05:33 (hace 5 meses) |
|---|
| Moderación | 2025-12-14 11:48 (12 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 336411 [Ugreen DH2100+ hasta 5.3.0 USB escalada de privilegios] |
|---|
| Puntos | 17 |
|---|