CVE-2025-14184

A vulnerability was determined in SGAI Space1 NAS N1211DS up to 1.0.915. Impacted is the function RENAMEFILE/OPERATEFILE/NGNIXUPLOAD of the file /cgi-bin/JSONAPI of the component gsaiagent. This manipulation causes command injection. The attack may be initiated remotely. The exploit has been...

EUVD-2025-201594

A vulnerability was determined in SGAI Space1 NAS N1211DS up to 1.0.915. Impacted is the function RENAMEFILE/OPERATEFILE/NGNIXUPLOAD of the file /cgi-bin/JSONAPI of the component gsaiagent. This manipulation causes command injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-14183

A vulnerability was found in SGAI Space1 NAS N1211DS up to 1.0.915. This issue affects the function GETFACTORYINFO/GETUSERINFO of the file /cgi-bin/JSONAPI of the component gsaiagent. The manipulation results in unprotected storage of credentials. The attack can be launched remotely. The exploit...

PT-2025-49395

Name of the Vulnerable Software and Affected Versions SGAI Space1 NAS N1211DS versions through 1.0.915 Description A command injection issue exists in the gsaiagent component. The RENAME FILE/OPERATE FILE/NGNIX UPLOAD function within the /cgi-bin/JSONAPI file is susceptible to manipulation, leadi...

SGAI Space1 命令注入漏洞

SGAI Space1 is an all-in-one NAS and router device from China's SpeedGrid SGAI. A command injection vulnerability exists in SGAI Space1 version 1.0.915 and earlier, which stems from a command injection in the component gsaiagent in NAS N1211DS...

PT-2025-49394

A vulnerability was found in SGAI Space1 NAS N1211DS up to 1.0.915. This issue affects the function GET FACTORY INFO/GET USER INFO of the file /cgi-bin/JSONAPI of the component gsaiagent. The manipulation results in unprotected storage of credentials. The attack can be launched remotely. The...