CVE 9.3 CRITICAL

Shiguangwu sgwbox N3 WIRELESSCFGGET http_eshell_server buffer overflow_CVE-2025-14709

December 15, 2025 invoker category_cve

9.3 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A security vulnerability has been detected in Shiguangwu sgwbox N3 2.0.25. Affected by this issue is some unknown functionality of the file /usr/sbin/http_eshell_server of the component WIRELESSCFGGET Interface. The manipulation of the argument params leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AI Analysis

Buffer overflow vulnerability in Shiguangwu sgwbox N3 2.0.25 via the WIRELESSCFGGET Interface, allowing remote exploitation and potential code execution.

Basic Information

ID CVE-2025-14709

Source VulDB

Published Dec 15, 2025 at 07:02

Affected Product

Vendor Shiguangwu

Product sgwbox N3

Version 2.0.25

Affected Versions Shiguangwu sgwbox N3 2.0.25

CWE Classification

CWE-120 CWE-119

AI Assessment

AI Score 9.3 / 10

AI Severity Critical

Vendor Shiguangwu

Product sgwbox N3

Version 2.0.25

References

{
    "lastseen": "",
    "description": "A security vulnerability has been detected in Shiguangwu sgwbox N3 2.0.25. Affected by this issue is some unknown functionality of the file /usr/sbin/http_eshell_server of the component WIRELESSCFGGET Interface. The manipulation of the argument params leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2025-12-15T07:02:07.039Z",
    "modified": "2025-12-15T07:02:07.039Z",
    "type": "cve",
    "title": "Shiguangwu sgwbox N3 WIRELESSCFGGET http_eshell_server buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.336426\nhttps://vuldb.com/?ctiid.336426\nhttps://vuldb.com/?submit.706989\nhttps://www.notion.so/sgwbox-NAS-N3-Buffer-Overflow-2be6cf4e528a80258b82dee0d6d1ebd1?source=copy_link",
    "id": "CVE-2025-14709",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "Shiguangwu sgwbox N3 2.0.25",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "sgwbox N3",
    "version": "2.0.25",
    "vendor": "Shiguangwu",
    "ai_description": "Buffer overflow vulnerability in Shiguangwu sgwbox N3 2.0.25 via the WIRELESSCFGGET Interface, allowing remote exploitation and potential code execution.",
    "ai_severity": "Critical",
    "ai_vendor": "Shiguangwu",
    "ai_product": "sgwbox N3",
    "ai_version": "2.0.25",
    "ai_score": 9.3
}

💭 Join the Security Discussion ❌ Cancel Reply