CNNVD-202512-2730 Information

CNNVD ID

CNNVD-202512-2730

Related CVE

CVE-2025-14703

• CNNVD Published: 2025-12-15

Description (Chinese)

SGWBox N3是中国拾光坞（SGWBox）公司的一个网络存储设备。 SGWBox N3 2.0.25版本存在授权问题漏洞，该漏洞源于对文件/fsnotify中参数token的错误操作，可能导致身份验证不当。

Description (English)

SGWBox N3 is a network storage facility for the China Gingerwood Company. SGWBox N3 2.0.25 has a mandate gap, which stems from a mishandling of the parameter token in the document/fsnotify, which may lead to improper identification.

Hazard Level

High

Vulnerability Type

授权问题

Affected Vendor

拾光坞

Published

2025-12-15

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.336420 https://vuldb.com/?id.336420 https://vuldb.com/?submit.706914 https://www.notion.so/sgwbox-NAS-N3-Auth-Bypass-2be6cf4e528a8092b261fbc2abc3430c?source=copy_link