CVE-2025-14183
BaseFortify

Publication date: 2025-12-07

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was found in SGAI Space1 NAS N1211DS, versions up to 1.0.915. It affects the GET_FACTORY_INFO and GET_USER_INFO functions of the file /cgi-bin/JSONAPI in the gsaiagent component. Account credentials are stored unprotected (CWE-256) and these functions hand them back in plaintext, so exploitation exposes the stored credentials. The attack can be launched remotely. An exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Meta Information
Published: 2025-12-07
Last Modified: 2026-04-29
Generated: 2026-05-07
AI Q&A: 2025-12-07
EPSS Evaluated: 2026-05-05
Affected Vendors & Products (2 associated CPEs)
Vendor   Product      Version / Range
sgai     gsaiagent    *
sgai     space1_nas   n1211ds
CWE ID    Description
CWE-255   Credentials Management Errors (category)
CWE-256   Plaintext Storage of a Password: the product stores a password in plaintext within resources such as memory or files.
AI Powered Q&A
Can you explain this vulnerability to me?

The vulnerability exists in SGAI Space1 NAS N1211DS up to version 1.0.915, specifically in the GET_FACTORY_INFO and GET_USER_INFO functions served by /cgi-bin/JSONAPI in the gsaiagent component. Credentials are stored unprotected and these functions return them, so a remote attacker who can reach the API can read the device's account credentials in plaintext. A public exploit exists and could be used to compromise the device.


How can this vulnerability impact me?

The vulnerability can lead to exposure of stored credentials due to unprotected storage, which can be exploited remotely. This could allow attackers to gain unauthorized access to the device or its data, potentially compromising the security and privacy of the system and its users.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability involves unprotected storage of credentials and unauthorized remote access to sensitive information such as account details and passwords in plaintext. This exposure of sensitive personal and system data could lead to non-compliance with data protection regulations like GDPR and HIPAA, which require proper protection of personal and sensitive information. However, no explicit mention of compliance impact or regulatory consequences is provided in the resources. [1, 2, 3]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection means requesting /cgi-bin/JSONAPI with the GET_FACTORY_INFO or GET_USER_INFO function from a host that has not authenticated to the device and checking whether the reply carries credentials. The advisory does not document how the function name is passed to the endpoint, so the query string below is an assumption; take the real parameter name from the public exploit or from the device's own web UI traffic (browser developer tools). A sample request: curl -s "http://<device-ip>/cgi-bin/JSONAPI?function=GET_USER_INFO" (repeat with GET_FACTORY_INFO). If the body contains plaintext passwords or other account secrets, the device is affected. Judge the response body, not just the status code, and compare the firmware version against 1.0.915 as well, since anything at or below that version is in the affected range regardless of what the probe returns. Only probe devices you are authorized to test. [1, 2, 3]
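The probe described above, written out as an added example that is not code from BaseFortify, VulDB or the vendor. It requests both functions without authenticating and classifies the reply by inspecting the body for credential-looking fields, which catches plaintext credentials in JSON or in a flat key=value body rather than trusting the HTTP status. Two things are assumptions: the "function=" query parameter (the advisory does not say how the function name is passed, so replace it with the one you observe from the device), and the CREDENTIAL_KEYS heuristic, which is not the device's real schema. The sample bodies at the bottom are constructed so the module runs offline.

```python
"""Added example (not from BaseFortify, VulDB or SGAI): probe /cgi-bin/JSONAPI
for CVE-2025-14183-style credential exposure and classify the reply body.

ASSUMPTIONS, also marked inline: the "function=" parameter name is a guess;
CREDENTIAL_KEYS is a heuristic. Probe only devices you are authorized to test."""
import json
import re
import urllib.error
import urllib.parse
import urllib.request

FUNCTIONS = ("GET_FACTORY_INFO", "GET_USER_INFO")
# Heuristic field names that usually carry a secret (assumption, not the device schema).
CREDENTIAL_KEYS = {"password", "passwd", "pwd", "pass", "secret", "token",
                   "admin_password", "user_password"}
# Fallback for non-JSON bodies: key=value or "key": "value" pairs.
TEXT_CRED_RE = re.compile(
    r'["\']?(\w*(?:pass(?:word|wd)?|pwd|secret|token)\w*)["\']?\s*[:=]\s*["\']?([^"\',&\s]+)',
    re.IGNORECASE)


def build_url(device: str, function: str, scheme: str = "http") -> str:
    # ASSUMPTION: the parameter name "function" is not confirmed by the advisory.
    return f"{scheme}://{device}/cgi-bin/JSONAPI?" + urllib.parse.urlencode({"function": function})


def _leaves(obj, path=""):
    """Yield (dotted.path[idx], value) for every scalar in a parsed JSON document."""
    if isinstance(obj, dict):
        for key, val in obj.items():
            yield from _leaves(val, f"{path}.{key}" if path else str(key))
    elif isinstance(obj, list):
        for idx, val in enumerate(obj):
            yield from _leaves(val, f"{path}[{idx}]")
    else:
        yield path, obj


def find_exposed_credentials(body: str) -> list:
    """Return [(field, value)] for non-empty string fields whose name looks
    like a credential. Parses JSON; falls back to a regex on raw text."""
    try:
        doc = json.loads(body)
    except ValueError:
        return [(m.group(1), m.group(2)) for m in TEXT_CRED_RE.finditer(body)]
    hits = []
    for path, value in _leaves(doc):
        leaf = path.rsplit(".", 1)[-1].split("[")[0].lower()
        if (leaf in CREDENTIAL_KEYS or "passw" in leaf) and isinstance(value, str) and value:
            hits.append((path, value))
    return hits


def classify(status: int, body: str) -> str:
    """'auth_required' for 401/403, 'exposed' when credential-looking values
    are present in the body, otherwise 'no_credentials'."""
    if status in (401, 403):
        return "auth_required"
    return "exposed" if find_exposed_credentials(body) else "no_credentials"


def probe(device: str, timeout: float = 5.0) -> dict:
    """Send an unauthenticated GET for each function and classify each reply."""
    results = {}
    for fn in FUNCTIONS:
        req = urllib.request.Request(build_url(device, fn),
                                     headers={"User-Agent": "cve-2025-14183-check"})
        try:
            with urllib.request.urlopen(req, timeout=timeout) as resp:
                results[fn] = classify(resp.status, resp.read().decode("utf-8", "replace"))
        except urllib.error.HTTPError as err:  # 4xx/5xx replies still carry a body
            results[fn] = classify(err.code, err.read().decode("utf-8", "replace"))
        except (urllib.error.URLError, OSError) as err:
            results[fn] = f"error: {err}"
    return results


# Constructed sample bodies (NOT captured from a real device) for offline runs.
SAMPLE_LEAKY_BODY = json.dumps({"result": "ok", "users": [
    {"name": "admin", "password": "hunter2", "role": "administrator"}]})
SAMPLE_CLEAN_BODY = json.dumps({"result": "ok", "users": [
    {"name": "admin", "role": "administrator"}]})

if __name__ == "__main__":
    print(classify(200, SAMPLE_LEAKY_BODY), find_exposed_credentials(SAMPLE_LEAKY_BODY))
    print(classify(200, SAMPLE_CLEAN_BODY))
    # print(probe("192.0.2.10"))  # only against a device you own
```

An "auth_required" result is not a clean bill of health: it only says the probe was refused, so check the firmware version independently.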


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps: restrict network access to the NAS to trusted administrators using firewall rules or network segmentation, and in particular make sure /cgi-bin/JSONAPI is not reachable from the internet. Since no patch or vendor response is available, consider replacing the affected device. Monitor network traffic for requests to the GET_FACTORY_INFO and GET_USER_INFO functions from unexpected sources. If the device may already have been reachable from untrusted networks, treat the stored credentials as compromised and rotate them (including anywhere the same passwords are reused) once access is locked down. [2]
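The monitoring step above, as an added example that is not part of the page or the vendor's software. It parses combined-format web access log lines, flags requests to the two vulnerable functions that originate outside a trusted network, and rates a 200 reply from an untrusted source as high severity because the affected firmware returns credentials on success. Assumptions: the NAS itself may not log at this level, so the lines are the kind a reverse proxy or HTTP sensor placed in front of the device would produce; the trusted network 192.168.10.0/24 is a placeholder; and the rule matches on the function names rather than the "function=" parameter name, since the advisory does not document the query-string layout. The log lines are constructed, not captured.

```python
"""Added example (not from BaseFortify, VulDB or SGAI): flag access-log
requests to GET_FACTORY_INFO / GET_USER_INFO on /cgi-bin/JSONAPI that come
from outside an allow-list.

ASSUMPTIONS: combined (nginx/Apache) log format from a proxy or sensor in
front of the NAS; TRUSTED_NETS is a placeholder admin LAN."""
import ipaddress
import re
from urllib.parse import unquote

TRUSTED_NETS = [ipaddress.ip_network("192.168.10.0/24")]  # assumption: admin LAN
VULN_FUNCTIONS = ("GET_FACTORY_INFO", "GET_USER_INFO")

# client ip, ident, user, [time], "METHOD path PROTO", status, size, ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)')


def parse_line(line: str):
    """Parse one combined-format line; return None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return {"ip": m["ip"], "time": m["time"], "method": m["method"],
            "path": unquote(m["path"]), "status": int(m["status"])}


def is_trusted(ip: str, nets=None) -> bool:
    """True when ip falls inside one of the trusted networks."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in (nets or TRUSTED_NETS))


def targets_vuln_function(path: str) -> bool:
    """Match the endpoint and either function name, independent of how the
    function is passed (the advisory does not document the query layout)."""
    if not path.lower().startswith("/cgi-bin/jsonapi"):
        return False
    upper = path.upper()
    return any(fn in upper for fn in VULN_FUNCTIONS)


def find_suspicious(lines, nets=None) -> list:
    """Return one alert per request to a vulnerable function from an untrusted
    source. A 200 is 'high' (credentials were likely returned); anything
    else is 'medium' (attempt that was refused or failed)."""
    alerts = []
    for line in lines:
        rec = parse_line(line)
        if rec is None or not targets_vuln_function(rec["path"]) or is_trusted(rec["ip"], nets):
            continue
        alerts.append({**rec, "severity": "high" if rec["status"] == 200 else "medium"})
    return alerts


# Constructed sample log lines (NOT real traffic) so the module runs offline.
SAMPLE_LOG = [
    '192.168.10.5 - - [07/Dec/2025:10:00:01 +0000] "GET /cgi-bin/JSONAPI?function=GET_USER_INFO HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [07/Dec/2025:10:02:13 +0000] "GET /cgi-bin/JSONAPI?function=GET_USER_INFO HTTP/1.1" 200 512 "-" "curl/8.5.0"',
    '203.0.113.7 - - [07/Dec/2025:10:02:14 +0000] "GET /cgi-bin/JSONAPI?function=GET_FACTORY_INFO HTTP/1.1" 200 1024 "-" "curl/8.5.0"',
    '198.51.100.22 - - [07/Dec/2025:10:05:00 +0000] "GET /cgi-bin/JSONAPI?function=GET_USER_INFO HTTP/1.1" 403 0 "-" "python-requests/2.31"',
    '203.0.113.9 - - [07/Dec/2025:10:06:00 +0000] "GET /index.html HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    'garbage line that does not parse',
]

if __name__ == "__main__":
    for alert in find_suspicious(SAMPLE_LOG):
        print(alert["severity"], alert["ip"], alert["time"], alert["status"], alert["path"])
```

Run it against the proxy's access log (one line per element) and forward the "high" alerts to the SIEM; a "high" hit also means the rotation step above is no longer optional for that device.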

