Critical Published: Dec 15, 2025

CVE-2025-14705

9.8 CVSS Score Critical

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Export CVE-2025-14705 Data:

Link copied!

Description

A vulnerability was determined in Shiguangwu sgwbox N3 2.0.25. This affects an unknown function of the component SHARESERVER Feature. This manipulation of the argument params causes command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Vector Details

Attack Vector Network

Attack Complexity Low

Privileges Required None

User Interaction None

Scope Unchanged

Confidentiality High

Integrity High

Availability High

Weaknesses (CWE)

CWE-74

References & External Links

https://vuldb.com/?ctiid.336422
https://vuldb.com/?id.336422
https://vuldb.com/?submit.706974
https://www.notion.so/sgwbox-NAS-N3-Command-Injection-2be6cf4e528a80d69da5d6d17456a183?source=copy_link

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

← Back to CVE Tracker