Submeter #698569: SGAI N1211DS NAS v1.0.915 Command Injectioninformação

TítuloSGAI N1211DS NAS v1.0.915 Command Injection
DescriçãoThe SGAI Space1 NAS (model N1211DS, firmware version v1.0.915) contains an unauthorized remote command execution vulnerability caused by command injection. An attacker who has not verified their identity can use the OPERATE_FILE command interface to manipulate files or directories whose name containing malicious commands, thereby triggering a command injection vulnerability and gaining the highest level of control over the remote target NAS device.
Fonte⚠️ https://www.notion.so/2b16cf4e528a80f2ada9dc83651a4013
Utilizador
 renguangyue (UID 92629)
Submissão20/11/2025 08h17 (há 5 meses)
Moderação06/12/2025 10h02 (16 days later)
EstadoDuplicado
Entrada VulDB334604 [SGAI Space1 NAS N1211DS até 1.0.915 gsaiagent /cgi-bin/JSONAPI RENAME_FILE/OPERATE_FILE/NGNIX_UPLOAD Elevação de Privilégios]
Pontos0

VoltarVisão GeralPróximo

Want to stay up to date on a daily basis?

Enable the mail alert feature now!