Submeter #698566: SGAI N1211DS NAS v1.0.915 Improper Authenticationinformação

TítuloSGAI N1211DS NAS v1.0.915 Improper Authentication
DescriçãoThe SGAI Space1 NAS (model N1211DS, firmware version v1.0.915) contains an unauthorized information disclosure vulnerability. This vulnerability is caused by lax authentication of the GET_FACTORY_INFO interface. It allows attackers to obtain sensitive information such as the remote target device's system password and Wi-Fi password in plaintext, enabling unauthorized remote attackers to log in to the remote target NAS device's backend management system.
Fonte⚠️ https://www.notion.so/2b16cf4e528a8000b30bd543247fa1bd
Utilizador
 renguangyue (UID 92629)
Submissão20/11/2025 08h14 (há 5 meses)
Moderação06/12/2025 10h02 (16 days later)
EstadoAceite
Entrada VulDB334603 [SGAI Space1 NAS N1211DS até 1.0.915 gsaiagent /cgi-bin/JSONAPI GET_FACTORY_INFO/GET_USER_INFO Elevação de Privilégios]
Pontos17

VoltarVisão GeralPróximo

Do you know our Splunk app?

Download it now for free!