CVE-2025-14187 | UGREEN DH2100+ up to 5.3.0.251125 nas_svr /v1/file/backup/create handler_file_backup_create path buffer overflow

A vulnerability was found in UGREEN DH2100+ up to 5.3.0.251125. It has been declared as critical. This affects the function handler_file_backup_create of the file /v1/file/backup/create of the component nas_svr. Executing manipulation of the argument path can lead to buffer overflow.

This vulnerability is handled as CVE-2025-14187. The attack can be executed remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More