| Название | SGAI N1211DS NAS v1.0.915 Command Injection |
|---|
| Описание | The SGAI Space1 NAS (model N1211DS, firmware version v1.0.915) contains an unauthorized remote command execution vulnerability caused by command injection. An attacker who has not been authenticated can inject malicious commands into the path field through the NGNIX_UPLOAD command interface, thereby triggering a command injection vulnerability and gaining the highest level of control over the remote target NAS device. |
|---|
| Источник | ⚠️ https://www.notion.so/2b16cf4e528a808eadf8dfbcd054740d |
|---|
| Пользователь | renguangyue (UID 92629) |
|---|
| Представление | 20.11.2025 08:18 (5 месяцы назад) |
|---|
| Модерация | 06.12.2025 10:02 (16 days later) |
|---|
| Статус | Дубликат |
|---|
| Запись VulDB | 334604 [SGAI Space1 NAS N1211DS до 1.0.915 gsaiagent /cgi-bin/JSONAPI RENAME_FILE/OPERATE_FILE/NGNIX_UPLOAD эскалация привилегий] |
|---|
| Баллы | 0 |
|---|