CVE-2025-14704

7.3 HIGH

📋 TL;DR

This vulnerability allows remote attackers to perform path traversal attacks via the /eshell API endpoint in Shiguangwu sgwbox N3 version 2.0.25. Attackers can potentially access files outside the intended directory structure. All systems running the affected version with the API exposed are vulnerable.

💻 Affected Systems

Products:
  • Shiguangwu sgwbox N3
Versions: 2.0.25
Operating Systems: Embedded/Linux-based NAS OS
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default configuration of the API component.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise through arbitrary file read/write, potentially leading to credential theft, data exfiltration, or remote code execution.

🟠 Likely Case

Unauthorized access to sensitive files, configuration files, or user data stored on the NAS device.

🟢 If Mitigated

Limited impact if proper network segmentation and access controls prevent external access to the vulnerable API endpoint.

🌐 Internet-Facing: HIGH - The vulnerability can be exploited remotely, and the exploit is publicly available.
🏢 Internal Only: MEDIUM - Internal attackers could exploit this if they have network access to the device.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The exploit is public and, being a path traversal, appears straightforward to execute.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None - vendor did not respond to disclosure

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available, or implement workarounds.

🔧 Temporary Workarounds

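Block API Access (Platform: linux)

Restrict network access to the vulnerable /eshell API endpoint using firewall rules. Replace [API_PORT] with the port the API listens on, and use whichever of the two commands matches the firewall in use: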

iptables -A INPUT -p tcp --dport [API_PORT] -j DROP
ufw deny [API_PORT]

Disable Unnecessary API (Platform: all)

If the eshell API functionality is not required, disable it completely in the device configuration.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate the NAS device from untrusted networks
  • Monitor for unusual file access patterns and API requests to the /eshell endpoint

🔍 How to Verify

Check if Vulnerable:

Check if the device is running version 2.0.25 and has the /eshell API endpoint accessible. Test with a path traversal payload like '../../etc/passwd' to the API endpoint.

Check Version:

Check device web interface or system information page for firmware version

Verify Fix Applied:

Verify that path traversal attempts to the /eshell endpoint are blocked or return appropriate error responses.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file access patterns
  • Multiple requests to /eshell with '../' sequences
  • Failed authentication attempts to API endpoints

Network Indicators:

  • Traffic to /eshell endpoint with path traversal patterns
  • Unusual outbound connections from NAS device

SIEM Query:

source="nas_logs" AND (uri CONTAINS "/eshell" AND (uri CONTAINS "../" OR uri CONTAINS "..\\"))
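
An added example (not part of this advisory or of any vendor tooling) that applies the "requests to /eshell with '../' sequences" indicator to access-log lines, percent-decoding each request first because a literal substring match on "../" misses encoded forms. The Common Log Format, the query parameter names (cmd, path) and the sample lines are constructed assumptions.

```python
import re
from urllib.parse import unquote

# Assumption: Common Log Format access lines; the device's real log format
# is not documented in this advisory.
REQUEST_RE = re.compile(r'^(?P<src>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# ".." used as a path component: a separator on the left, "/" or "\" (or end) on the right.
TRAVERSAL_RE = re.compile(r'(?:^|[\\/=&?])\.\.(?:[\\/]|$)')
ENDPOINT_RE = re.compile(r'/eshell(?:/|$)', re.IGNORECASE)

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so nested encodings (%252e -> %2e -> .) surface."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_eshell_traversal(target):
    """True when a request target addresses /eshell and carries a traversal sequence."""
    decoded = fully_decode(target)
    path = decoded.split("?", 1)[0]
    return bool(ENDPOINT_RE.search(path)) and bool(TRAVERSAL_RE.search(decoded))

def scan(lines):
    """Return (source, method, raw_target) for every flagged log line."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if m and is_eshell_traversal(m["target"]):
            hits.append((m["src"], m["method"], m["target"]))
    return hits

# Constructed sample lines (documentation IP ranges, hypothetical parameter names).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2026:10:00:00 +0000] "GET /eshell?cmd=status HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2026:10:00:05 +0000] "GET /eshell?path=../../etc/passwd HTTP/1.1" 200 1843',
    '198.51.100.7 - - [01/Jan/2026:10:00:06 +0000] "GET /eshell?path=%2e%2e%2f%2e%2e%2fetc%2fpasswd HTTP/1.1" 200 1843',
    '192.0.2.10 - - [01/Jan/2026:10:00:09 +0000] "GET /index.html HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Only the request line is inspected here; a traversal sequence carried in a request body would need body logging to be seen.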
