CVE-2025-14183

Name of the Vulnerable Software and Affected Versions SGAI Space1 NAS N1211DS versions up to 1.0.915

Description A security issue exists in SGAI Space1 NAS N1211DS versions up to 1.0.915 related to the unprotected storage of credentials. The issue is located in the gsaiagent component, specifically within the /cgi-bin/JSONAPI file, affecting the GET FACTORY INFO/GET USER INFO function. This allows for remote exploitation. The exploit has been publicly released.

Recommendations Versions prior to 1.0.915 should be updated. As a temporary workaround, consider restricting access to the /cgi-bin/JSONAPI file.