CVE-2025-14183 | SGAI Space1 NAS N1211DS up to 1.0.915 gsaiagent /cgi-bin/JSONAPI GET_FACTORY_INFO/GET_USER_INFO credentials storage

December 6, 2025 Yanac

A vulnerability, which was classified as problematic, was found in SGAI Space1 NAS N1211DS up to 1.0.915. This issue affects the function GET_FACTORY_INFO/GET_USER_INFO of the file /cgi-bin/JSONAPI of the component gsaiagent. The manipulation results in unprotected storage of credentials.

This vulnerability is reported as CVE-2025-14183. The attack can be launched remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More