| 제목 | SGAI N1211DS NAS v1.0.915 Improper Authentication |
|---|
| 설명 | The SGAI Space1 NAS (model N1211DS, firmware version v1.0.915) contains an unauthorized information disclosure vulnerability. This vulnerability is caused by lax authentication of the GET_USER_INFO interface. By exploiting this vulnerability, sensitive information such as the owner's APP account (phone number) and password of the remote target device can be obtained, thereby enabling unauthorized management of the remote NAS device. |
|---|
| 원천 | ⚠️ https://www.notion.so/2b16cf4e528a80859264db63f2340d7a |
|---|
| 사용자 | renguangyue (UID 92629) |
|---|
| 제출 | 2025. 11. 20. AM 08:15 (5 개월 ago) |
|---|
| 모더레이션 | 2025. 12. 06. AM 10:02 (16 days later) |
|---|
| 상태 | 중복 |
|---|
| VulDB 항목 | 334603 [SGAI Space1 NAS N1211DS 까지 1.0.915 gsaiagent /cgi-bin/JSONAPI GET_FACTORY_INFO/GET_USER_INFO 권한 상승] |
|---|
| 포인트들 | 0 |
|---|