CVE-2025-14106
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-05

Last updated on: 2025-12-16

Assigner: VulDB

Description
A vulnerability was identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected is the function zfilev2_api.CloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. The manipulation of the argument safe_dir leads to command injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure and confirmed the existence of the vulnerability. A technical fix is planned to be released.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-05
Last Modified
2025-12-16
Generated
2026-06-16
AI Q&A
2025-12-06
EPSS Evaluated
2026-06-14
NVD
CVE-2025-14106
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
zspace q2c_nas_firmware to 1.1.0210050 (inc)
zspace q2c_nas *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-77 The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CWE-74 The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the ZSPACE Q2C NAS device up to version 1.1.0210050, specifically in the function zfilev2_api.CloseSafe of the HTTP POST Request Handler component. It involves manipulation of the argument safe_dir, which leads to command injection. This means an attacker can remotely execute arbitrary commands on the affected system by exploiting this flaw.

Impact Analysis

The vulnerability allows remote attackers to execute arbitrary commands on the affected device, potentially leading to full system compromise. This can result in unauthorized access, data theft, data manipulation, service disruption, or further attacks within the network.

Detection Guidance

Detection can be performed by monitoring for suspicious HTTP POST requests to the endpoint /v2/file/safe/close that include unusual or malicious input in the safe_dir parameter. Network intrusion detection systems (NIDS) or web application firewalls (WAF) can be configured to alert on such requests. Additionally, inspecting logs for POST requests to /v2/file/safe/close with suspicious payloads may help identify exploitation attempts. Specific commands are not provided in the resources, but using tools like curl or tcpdump to capture and analyze traffic to this endpoint could assist in detection. [1, 2]

Mitigation Strategies

No known countermeasures or patches are available from the vendor, as they did not respond to the disclosure. Immediate mitigation steps include replacing the affected ZSPACE Q2C NAS device with an alternative product not vulnerable to this issue. Additionally, restricting network access to the vulnerable endpoint, implementing strict firewall rules, and monitoring for exploitation attempts can help reduce risk until replacement is possible. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-14106. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart