| 제목 | SGAI N1211DS NAS v1.0.915 Command Injection |
|---|
| 설명 | The SGAI Space1 NAS (model N1211DS, firmware version v1.0.915) contains an unauthorized remote command execution vulnerability caused by command injection. An attacker who has not verified their identity can use the OPERATE_FILE command interface to manipulate files or directories whose name containing malicious commands, thereby triggering a command injection vulnerability and gaining the highest level of control over the remote target NAS device. |
|---|
| 원천 | ⚠️ https://www.notion.so/2b16cf4e528a80f2ada9dc83651a4013 |
|---|
| 사용자 | renguangyue (UID 92629) |
|---|
| 제출 | 2025. 11. 20. AM 08:17 (5 개월 ago) |
|---|
| 모더레이션 | 2025. 12. 06. AM 10:02 (16 days later) |
|---|
| 상태 | 중복 |
|---|
| VulDB 항목 | 334604 [SGAI Space1 NAS N1211DS 까지 1.0.915 gsaiagent /cgi-bin/JSONAPI RENAME_FILE/OPERATE_FILE/NGNIX_UPLOAD 권한 상승] |
|---|
| 포인트들 | 0 |
|---|