CVE-2025-14707
BaseFortify
Publication date: 2025-12-15
Last updated on: 2025-12-23
Assigner: VulDB
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sgwbox | n3_nas | up to 2.0.25 (inclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-77 | The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. |
| CWE-74 | The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-14707 is a critical command injection vulnerability in Shiguangwu sgwbox N3 version 2.0.25, specifically in the DOCKER Feature component within the file /usr/sbin/http_eshell_server. It occurs because the software improperly handles the 'params' argument, allowing an attacker to inject and execute arbitrary commands remotely without authentication. This flaw is due to insufficient filtering of dangerous characters, enabling remote attackers to execute commands with root privileges on the device. [1, 2]
How can this vulnerability impact me?
This vulnerability can severely impact you by allowing an unauthenticated remote attacker to execute arbitrary commands with root privileges on the affected device. This leads to a complete compromise of confidentiality, integrity, and availability of the system, giving the attacker full control over the target NAS device. The exploit is easy to perform and publicly available, making the risk critical. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can be attempted by monitoring for unusual or unauthorized POST requests handled by /usr/sbin/http_eshell_server, especially those whose parameters contain suspicious or specially crafted values that may indicate command injection attempts. Network intrusion detection systems (NIDS) can be configured to alert on such patterns. However, no specific detection commands or signatures are provided in the available resources. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include discontinuing use of the affected Shiguangwu sgwbox N3 version 2.0.25 device or replacing it with an alternative product, as no known countermeasures or patches are available. Restricting network access to the vulnerable service and monitoring for exploitation attempts may help reduce risk temporarily, but the vulnerability remains critical and exploitable remotely without authentication. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability allows remote, unauthenticated command injection leading to full system compromise, which can result in unauthorized access, modification, or disruption of sensitive data. Such impacts on confidentiality, integrity, and availability can lead to non-compliance with common standards and regulations like GDPR and HIPAA that require protection of sensitive data and system security. However, no specific compliance implications are detailed in the provided resources. [1, 2]