CNNVD-202512-2710 Information

CNNVD ID

CNNVD-202512-2710

Related CVE

CVE-2025-14709

• CNNVD Published: 2025-12-15

Description (Chinese)

SGWBox N3是中国拾光坞（SGWBox）公司的一个网络存储设备。 SGWBox N3 2.0.25版本存在安全漏洞，该漏洞源于对文件/usr/sbin/http_eshell_server中参数params的错误操作，可能导致缓冲区溢出。

Description (English)

SGWBox N3 is a network storage facility for the China Gingerwood Company. There is a security loophole in version SGWBox N3 2.0.25, which stems from the erroneous operation of paraams of the parameters in the document/usr/sbin/http eshell server, which could lead to spills in the buffer zone.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

拾光坞

Published

2025-12-15

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.336426 https://vuldb.com/?id.336426 https://vuldb.com/?submit.706989 https://www.notion.so/sgwbox-NAS-N3-Buffer-Overflow-2be6cf4e528a80258b82dee0d6d1ebd1?source=copy_link