CVE-2025-14184 | SGAI Space1 NAS N1211DS up to 1.0.915 gsaiagent /cgi-bin/JSONAPI RENAME_FILE/OPERATE_FILE/NGNIX_UPLOAD command injection

A vulnerability has been found in SGAI Space1 NAS N1211DS up to 1.0.915 and classified as critical. Impacted is the function RENAME_FILE/OPERATE_FILE/NGNIX_UPLOAD of the file /cgi-bin/JSONAPI of the component gsaiagent. This manipulation causes command injection.

This vulnerability appears as CVE-2025-14184. The attack may be initiated remotely. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More