CVE-2025-14188

A security vulnerability has been detected in UGREEN DH2100+ up to 5.3.0.251125. This impacts the function handlerfilebackupcreate of the file /v1/file/backup/create of the component nassvr. The manipulation of the argument path leads to command injection. The attack is possible to be carried out...

CVE-2025-14187

A weakness has been identified in UGREEN DH2100+ up to 5.3.0.251125. This affects the function handlerfilebackupcreate of the file /v1/file/backup/create of the component nassvr. Executing a manipulation of the argument path can lead to buffer overflow. The attack can be executed remotely. The...

EUVD-2025-201598

A security vulnerability has been detected in UGREEN DH2100+ up to 5.3.0.251125. This impacts the function handlerfilebackupcreate of the file /v1/file/backup/create of the component nassvr. The manipulation of the argument path leads to command injection. The attack is possible to be carried out...

CVE-2025-14188

A security vulnerability has been detected in UGREEN DH2100+ up to 5.3.0.251125. This impacts the function handlerfilebackupcreate of the file /v1/file/backup/create of the component nassvr. The manipulation of the argument path leads to command injection. The attack is possible to be carried out...

CVE-2025-14188 UGREEN DH2100+ nas_svr create handler_file_backup_create command injection

A security vulnerability has been detected in UGREEN DH2100+ up to 5.3.0.251125. This impacts the function handlerfilebackupcreate of the file /v1/file/backup/create of the component nassvr. The manipulation of the argument path leads to command injection. The attack is possible to be carried out...

CVE-2025-14188 UGREEN DH2100+ nas_svr create handler_file_backup_create command injection

A security vulnerability has been detected in UGREEN DH2100+ up to 5.3.0.251125. This impacts the function handlerfilebackupcreate of the file /v1/file/backup/create of the component nassvr. The manipulation of the argument path leads to command injection. The attack is possible to be carried out...

CVE-2025-14188

CVE-2025-14188 affects UGREEN DH2100+ (nas_svr) up to version 5.3.0.251125. The vulnerability is in the function handler_file_backup_create at /v1/file/backup/create, where manipulation of the path argument enables remote command injection. Multiple connected sources confirm the issue and state t...

EUVD-2025-201596

A weakness has been identified in UGREEN DH2100+ up to 5.3.0.251125. This affects the function handlerfilebackupcreate of the file /v1/file/backup/create of the component nassvr. Executing manipulation of the argument path can lead to buffer overflow. The attack can be executed remotely. The...

CVE-2025-14187 UGREEN DH2100+ nas_svr create handler_file_backup_create buffer overflow

A weakness has been identified in UGREEN DH2100+ up to 5.3.0.251125. This affects the function handlerfilebackupcreate of the file /v1/file/backup/create of the component nassvr. Executing a manipulation of the argument path can lead to buffer overflow. The attack can be executed remotely. The...

UGREEN DH2100+ 安全漏洞

UGREEN DH2100+ is a private cloud storage device from China Greenlink UGREEN. A security vulnerability exists in UGREEN DH2100+ 5.3.0.251125 and earlier versions, which originates from a misbehavior of the parameter path in the function handlerfilebackupcreate in the file /v1/file/backup/create i...

PT-2025-49400

Name of the Vulnerable Software and Affected Versions UGREEN DH2100+ versions through 5.3.0.251125 Description A flaw exists in UGREEN DH2100+ that could allow for remote buffer overflow. The issue is related to the handler file backup create function within the nas svr component, specifically wh...

PT-2025-49401

Name of the Vulnerable Software and Affected Versions UGREEN DH2100+ versions through 5.3.0.251125 Description A security issue exists in UGREEN DH2100+ that allows for remote command injection. The issue is related to the handler file backup create function within the nas svr component,...

EUVD-2018-11883

Malware in sbrugna...

EUVD-2019-13369

Malware in sbrugna...

EUVD-2020-26501

Malware in sbrugna...

EUVD-2013-5508

Malware in sbrugna...

actidata actiNAS SL 2U-8 RDX Cross-Site Scripting Vulnerability

The actidata actiNAS SL 2U-8 RDX is a rackmount backup server from actidata. A cross-site scripting vulnerability exists in actidata actiNAS-SL-2U-8 version 3.2.03-SP1, which stems from a cross-site scripting vulnerability in nasSvr.php that allows remote attackers to inject arbitrary web script ...

Incorrect path displayed when click "open file location”

Type "command prompt" in the search box and click "open file location” the path of the roaming profile on the NAS server is displayed...

Thecus N4800Eco NAS Server Command Injection

A vulnerability exists in Thecus. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

Thecus N4800Eco Nas Server Control Panel - Comand Injection Exploit

Exploit Title: Thecus N4800Eco Nas Server Control Panel - Comand Injection Exploit Author: Metin Yunus Kandemir Vendor Homepage: http://www.thecus.com/ Software Link: http://www.thecus.com/product.php?PRODID=83 Version: N4800Eco Description:...