CNNVD-202512-2727 Information

CNNVD ID

CNNVD-202512-2727

Related CVE

CVE-2025-14704

• CNNVD Published: 2025-12-15

Description (Chinese)

SGWBox N3是中国拾光坞（SGWBox）公司的一个网络存储设备。 SGWBox N3 2.0.25版本存在路径遍历漏洞，该漏洞源于对文件/eshell的错误操作，可能导致路径遍历。

Description (English)

SGWBox N3 is a network storage facility for the China Gingerwood Company. SGWBox N3 2.0.25 has a loophole in its path, which results from a mishandling of the file/eshell, which may lead to a path pass.

Hazard Level

Medium

Vulnerability Type

路径遍历

Affected Vendor

拾光坞

Published

2025-12-15

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.336421 https://vuldb.com/?id.336421 https://vuldb.com/?submit.706915 https://www.notion.so/sgwbox-NAS-N3-Directory-Traversal-2be6cf4e528a802a9c0ad6f01b75694e?source=copy_link