CVE-2025-14707

Name of the Vulnerable Software and Affected Versions Shiguangwu sgwbox N3 version 2.0.25

Description A security flaw exists in Shiguangwu sgwbox N3 2.0.25 within the DOCKER Feature. Manipulation of the params argument in an unknown function of the file /usr/sbin/http eshell server can lead to command injection. This issue is remotely exploitable. The exploit has been publicly released, and the vendor has not responded to reports about this disclosure.

Recommendations Restrict access to the /usr/sbin/http eshell server file. As a temporary workaround, consider disabling the DOCKER Feature until a patch is available. Monitor network traffic for suspicious activity related to the affected component.