CVE-2025-14183
BaseFortify

Publication date: 2025-12-07

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was found in SGAI Space1 NAS N1211DS up to 1.0.915. This issue affects the function GET_FACTORY_INFO/GET_USER_INFO of the file /cgi-bin/JSONAPI of the component gsaiagent. The manipulation results in unprotected storage of credentials. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Meta Information
Published: 2025-12-07
Last Modified: 2026-04-29
Generated: 2026-06-16
AI Q&A: 2025-12-10
EPSS Evaluated: 2026-06-15
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
sgai gsaiagent *
sgai space1_nas n1211ds
CWE ID Description
CWE-255
CWE-256 The product stores a password in plaintext within resources such as memory or files.
Compliance Impact

The vulnerability involves unprotected storage of credentials and unauthorized remote access to sensitive information such as account details and passwords in plaintext. This exposure of sensitive personal and system data could lead to non-compliance with data protection regulations like GDPR and HIPAA, which require proper protection of personal and sensitive information. However, no explicit mention of compliance impact or regulatory consequences is provided in the resources. [1, 2, 3]

Executive Summary

This vulnerability exists in SGAI Space1 NAS N1211DS up to version 1.0.915, specifically in the GET_FACTORY_INFO and GET_USER_INFO functions of the /cgi-bin/JSONAPI file within the gsaiagent component. Remote manipulation of these functions results in unprotected storage of credentials. The exploit is publicly known and can be used to compromise the device.

Impact Analysis

The vulnerability can lead to exposure of stored credentials due to unprotected storage, which can be exploited remotely. This could allow attackers to gain unauthorized access to the device or its data, potentially compromising the security and privacy of the system and its users.

Detection Guidance

To check a device you own, request the vulnerable API endpoint /cgi-bin/JSONAPI with the GET_FACTORY_INFO or GET_USER_INFO function and see whether sensitive information such as credentials is returned without proper authentication. For example, send the request with curl and inspect the response. A sample command could be: curl -X GET "http://<device-ip>/cgi-bin/JSONAPI?function=GET_USER_INFO". If the response contains plaintext credentials or other sensitive information without authentication, the device is vulnerable. [1, 2, 3]

Mitigation Strategies

Immediate mitigation steps include restricting network access to the affected NAS device to trusted users only, such as by using firewall rules or network segmentation to prevent unauthorized remote access. Since no patches or vendor responses are available, consider replacing the affected device with a more secure alternative. Monitoring network traffic for suspicious access to the vulnerable API endpoints is also recommended. [2]
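
One way to implement the recommended monitoring, as an added example that is not part of the advisory or any vendor tooling: a Python filter that flags access-log entries touching /cgi-bin/JSONAPI. It assumes a reverse proxy in front of the NAS writes combined-format access logs; the trusted range and the sample log lines are constructed.

```python
import ipaddress
import re
from urllib.parse import unquote, urlsplit

# Assumptions (not from the advisory): a proxy in front of the NAS writes
# combined-format access logs, and TRUSTED_NETS is the site's admin range.
TRUSTED_NETS = [ipaddress.ip_network("10.20.0.0/24")]  # constructed value
API_PATH = "/cgi-bin/JSONAPI"
SENSITIVE_FUNCS = ("GET_FACTORY_INFO", "GET_USER_INFO")
LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')
SAMPLE_LOG = [  # constructed lines using documentation address ranges
    '203.0.113.7 - - [10/Dec/2025:03:14:07 +0000] "GET /cgi-bin/JSONAPI?function=GET_USER_INFO HTTP/1.1" 200 512',
    '10.20.0.15 - - [10/Dec/2025:03:15:00 +0000] "GET /index.html HTTP/1.1" 200 1024',
    '198.51.100.9 - - [10/Dec/2025:03:16:41 +0000] "POST /cgi-bin/JSONAPI HTTP/1.1" 200 230',
    '10.20.0.15 - - [10/Dec/2025:03:17:02 +0000] "GET /cgi-bin/JSONAPI?function=get%5Ffactory%5Finfo HTTP/1.1" 200 300',
]

def is_trusted(src):
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # hostnames or malformed sources count as untrusted
    return any(addr in net for net in TRUSTED_NETS)

def classify(line):
    """Return an alert dict for one log line, or None if it is not of interest."""
    m = LINE_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m["target"])
    if unquote(parts.path).rstrip("/").lower() != API_PATH.lower():
        return None
    query = unquote(parts.query).upper()  # catch encoded or lower-case names
    funcs = [f for f in SENSITIVE_FUNCS if f in query]
    trusted = is_trusted(m["src"])
    if trusted and not funcs:
        return None  # endpoint use from the admin range, no sensitive function
    # Untrusted hits without a name stay medium: it may be in an unlogged body.
    severity = "high" if funcs and not trusted else "medium"
    return {"src": m["src"], "time": m["ts"], "status": int(m["status"]),
            "functions": funcs, "severity": severity}

def scan(lines):
    return [alert for alert in map(classify, lines) if alert]

if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```
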
