CVE 9.3 CRITICAL

Shiguangwu sgwbox N3 WIREDCFGGET http_eshell_server buffer overflow_CVE-2025-14708

December 15, 2025 invoker category_cve

9.3 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A weakness has been identified in Shiguangwu sgwbox N3 2.0.25. Affected by this vulnerability is an unknown functionality of the file /usr/sbin/http_eshell_server of the component WIREDCFGGET Interface. Executing manipulation of the argument params can lead to buffer overflow. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

AI Analysis

Buffer overflow vulnerability in Shiguangwu sgwbox N3 2.0.25 via remote exploitation of the WIREDCFGGET Interface

Basic Information

ID CVE-2025-14708

Source VulDB

Published Dec 15, 2025 at 06:32

Affected Product

Vendor Shiguangwu

Product sgwbox N3

Version 2.0.25

Affected Versions Shiguangwu sgwbox N3 2.0.25

CWE Classification

CWE-120 CWE-119

AI Assessment

AI Score 9.3 / 10

AI Severity Critical

Vendor Shiguangwu

Product sgwbox N3

Version 2.0.25

References

{
    "lastseen": "",
    "description": "A weakness has been identified in Shiguangwu sgwbox N3 2.0.25. Affected by this vulnerability is an unknown functionality of the file /usr/sbin/http_eshell_server of the component WIREDCFGGET Interface. Executing manipulation of the argument params can lead to buffer overflow. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2025-12-15T06:32:06.485Z",
    "modified": "2025-12-15T06:32:06.485Z",
    "type": "cve",
    "title": "Shiguangwu sgwbox N3 WIREDCFGGET http_eshell_server buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.336425\nhttps://vuldb.com/?ctiid.336425\nhttps://vuldb.com/?submit.706977\nhttps://www.notion.so/sgwbox-NAS-N3-Buffer-Overflow-2be6cf4e528a808b9f71fe434929c73b?source=copy_link",
    "id": "CVE-2025-14708",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "Shiguangwu sgwbox N3 2.0.25",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "sgwbox N3",
    "version": "2.0.25",
    "vendor": "Shiguangwu",
    "ai_description": "Buffer overflow vulnerability in Shiguangwu sgwbox N3 2.0.25 via remote exploitation of the WIREDCFGGET Interface",
    "ai_severity": "Critical",
    "ai_vendor": "Shiguangwu",
    "ai_product": "sgwbox N3",
    "ai_version": "2.0.25",
    "ai_score": 9.3
}

💭 Join the Security Discussion ❌ Cancel Reply