Medium Published: Dec 15, 2025

CVE-2025-14693

6.6 CVSS Score Medium

Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Export CVE-2025-14693 Data:

Link copied!

Description

A vulnerability has been found in Ugreen DH2100+ up to 5.3.0. This affects an unknown function of the component USB Handler. Such manipulation leads to symlink following. The attack can be executed directly on the physical device. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Vector Details

Attack Vector Physical

Attack Complexity Low

Privileges Required Low

User Interaction None

Scope Unchanged

Confidentiality High

Integrity High

Availability High

Weaknesses (CWE)

CWE-59

References & External Links

https://vuldb.com/?ctiid.336411
https://vuldb.com/?id.336411
https://vuldb.com/?submit.704646
https://vuldb.com/?submit.704657
https://www.notion.so/2bc6cf4e528a8083bf3fc6f7a953f0a1

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

← Back to CVE Tracker