Lucene search
K

17 matches found

NVD
NVD
added 2025/12/15 1:15 a.m.5 views

CVE-2025-14693

A vulnerability has been found in Ugreen DH2100+ up to 5.3.0. This affects an unknown function of the component USB Handler. Such manipulation leads to symlink following. The attack can be executed directly on the physical device. The exploit has been disclosed to the public and may be used. It i...

7CVSS0.00202EPSS
Exploits0References5
EUVD
EUVD
added 2025/12/15 12:2 a.m.5 views

EUVD-2025-203318

A vulnerability has been found in Ugreen DH2100+ up to 5.3.0. This affects an unknown function of the component USB Handler. Such manipulation leads to symlink following. The attack can be executed directly on the physical device. The exploit has been disclosed to the public and may be used. The...

7CVSS5.5AI score0.00202EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/12/15 12:2 a.m.3 views

CVE-2025-14693 Ugreen DH2100+ USB symlink

A vulnerability has been found in Ugreen DH2100+ up to 5.3.0. This affects an unknown function of the component USB Handler. Such manipulation leads to symlink following. The attack can be executed directly on the physical device. The exploit has been disclosed to the public and may be used. It i...

7CVSS6.1AI score0.00202EPSS
Exploits0References5
CVE
CVE
added 2025/12/15 12:2 a.m.10 views

CVE-2025-14693

CVE-2025-14693 affects the Ugreen DH2100+ device (up to version 5.3.0) via the USB Handler component. The vulnerability in the USB Handler enables symlink following, and exploitation can be carried out on the physical device. The exploit has been disclosed publicly. A remediation is to upgrade th...

7CVSS6.1AI score0.00202EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/12/15 12:2 a.m.32 views

CVE-2025-14693 Ugreen DH2100+ USB symlink

A vulnerability has been found in Ugreen DH2100+ up to 5.3.0. This affects an unknown function of the component USB Handler. Such manipulation leads to symlink following. The attack can be executed directly on the physical device. The exploit has been disclosed to the public and may be used. It i...

7CVSS0.00202EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/12/15 12:0 a.m.4 views

PT-2025-51181

Name of the Vulnerable Software and Affected Versions Ugreen DH2100+ versions up to 5.3.0 Description A flaw exists in the USB Handler component of Ugreen DH2100+ that allows for symlink following. This issue can be directly exploited on the physical device. The exploit has been publicly disclose...

7CVSS6.4AI score0.00202EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2025/12/08 1:11 p.m.9 views

CVE-2025-14187

A weakness has been identified in UGREEN DH2100+ up to 5.3.0.251125. This affects the function handlerfilebackupcreate of the file /v1/file/backup/create of the component nassvr. Executing a manipulation of the argument path can lead to buffer overflow. The attack can be executed remotely. The...

8.6CVSS7.4AI score0.00585EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/07 12:30 p.m.8 views

EUVD-2025-201598

A security vulnerability has been detected in UGREEN DH2100+ up to 5.3.0.251125. This impacts the function handlerfilebackupcreate of the file /v1/file/backup/create of the component nassvr. The manipulation of the argument path leads to command injection. The attack is possible to be carried out...

8.6CVSS6.3AI score0.02512EPSS
Exploits0References5
NVD
NVD
added 2025/12/07 11:15 a.m.7 views

CVE-2025-14188

A security vulnerability has been detected in UGREEN DH2100+ up to 5.3.0.251125. This impacts the function handlerfilebackupcreate of the file /v1/file/backup/create of the component nassvr. The manipulation of the argument path leads to command injection. The attack is possible to be carried out...

8.6CVSS0.02512EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/07 9:30 a.m.7 views

EUVD-2025-201596

A weakness has been identified in UGREEN DH2100+ up to 5.3.0.251125. This affects the function handlerfilebackupcreate of the file /v1/file/backup/create of the component nassvr. Executing manipulation of the argument path can lead to buffer overflow. The attack can be executed remotely. The...

8.6CVSS6.5AI score0.00585EPSS
Exploits0References5
NVD
NVD
added 2025/12/07 9:15 a.m.5 views

CVE-2025-14187

A weakness has been identified in UGREEN DH2100+ up to 5.3.0.251125. This affects the function handlerfilebackupcreate of the file /v1/file/backup/create of the component nassvr. Executing a manipulation of the argument path can lead to buffer overflow. The attack can be executed remotely. The...

8.6CVSS0.00585EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2025/12/07 8:32 a.m.4 views

CVE-2025-14187

A weakness has been identified in UGREEN DH2100+ up to 5.3.0.251125. This affects the function handlerfilebackupcreate of the file /v1/file/backup/create of the component nassvr. Executing a manipulation of the argument path can lead to buffer overflow. The attack can be executed remotely. The...

8.6CVSS7.4AI score0.00585EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/07 8:32 a.m.4 views

CVE-2025-14187 UGREEN DH2100+ nas_svr create handler_file_backup_create buffer overflow

A weakness has been identified in UGREEN DH2100+ up to 5.3.0.251125. This affects the function handlerfilebackupcreate of the file /v1/file/backup/create of the component nassvr. Executing a manipulation of the argument path can lead to buffer overflow. The attack can be executed remotely. The...

8.6CVSS7.4AI score0.00585EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/07 12:0 a.m.4 views

UGREEN DH2100+ 安全漏洞

UGREEN DH2100+ is a private cloud storage device from China Greenlink UGREEN. A security vulnerability exists in UGREEN DH2100+ 5.3.0.251125 and earlier versions, which originates from a misbehavior of the parameter path in the function handlerfilebackupcreate in the file /v1/file/backup/create i...

8.6CVSS7.1AI score0.00585EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/12/07 12:0 a.m.5 views

UGREEN DH2100+ 命令注入漏洞

UGREEN DH2100+ is a private cloud storage device from China Greenlink UGREEN. A command injection vulnerability exists in UGREEN DH2100+ 5.3.0.251125 and earlier versions, which stems from the incorrect manipulation of the parameter path by the function handlerfilebackupcreate in the file...

8.6CVSS7.2AI score0.02512EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/12/07 12:0 a.m.9 views

PT-2025-49400

Name of the Vulnerable Software and Affected Versions UGREEN DH2100+ versions through 5.3.0.251125 Description A flaw exists in UGREEN DH2100+ that could allow for remote buffer overflow. The issue is related to the handler file backup create function within the nas svr component, specifically wh...

8.6CVSS7.2AI score0.00585EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2025/12/07 12:0 a.m.15 views

PT-2025-49401

Name of the Vulnerable Software and Affected Versions UGREEN DH2100+ versions through 5.3.0.251125 Description A security issue exists in UGREEN DH2100+ that allows for remote command injection. The issue is related to the handler file backup create function within the nas svr component,...

8.6CVSS6.8AI score0.02512EPSS
Exploits0References12
Rows per page
Query Builder