https://blog.qife122.com/tags/cve-2025-14705/ Recent content in CVE-2025-14705 on 办公AI智能小助手 Hugo zh-cn qife Mon, 05 Jan 2026 13:45:46 +0800 https://blog.qife122.com/p/%E9%AB%98%E5%8D%B1%E6%BC%8F%E6%B4%9E%E9%A2%84%E8%AD%A6%E6%9B%99%E5%85%89%E5%B1%8Bsgwbox-n3%E8%AE%BE%E5%A4%87shareserver%E5%8A%9F%E8%83%BD%E4%B8%AD%E7%9A%84%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%B3%A8%E5%85%A5/ Mon, 05 Jan 2026 13:45:46 +0800 https://blog.qife122.com/p/%E9%AB%98%E5%8D%B1%E6%BC%8F%E6%B4%9E%E9%A2%84%E8%AD%A6%E6%9B%99%E5%85%89%E5%B1%8Bsgwbox-n3%E8%AE%BE%E5%A4%87shareserver%E5%8A%9F%E8%83%BD%E4%B8%AD%E7%9A%84%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%B3%A8%E5%85%A5/ <h2 id="cve-2025-14705曙光屋-sgwbox-n3-中的命令注入漏洞">CVE-2025-14705：曙光屋 sgwbox N3 中的命令注入漏洞</h2> <p><strong>严重性：严重</strong> <strong>类型：漏洞</strong> <strong>CVE编号：</strong> CVE-2025-14705</p> <p>CVE-2025-14705 是曙光屋 sgwbox N3 版本 2.0.25 中的一个关键命令注入漏洞， specifically affecting the SHARESERVER feature. The flaw allows unauthenticated remote attackers to execute arbitrary commands by manipulating input parameters, without requiring user interaction. The vulnerability has a high CVSS 4.0 score of 9.3, reflecting its severe impact on confidentiality, integrity, and availability. Although the vendor was notified, no patch or response has been provided, and public exploit details are available, increasing the risk of exploitation. European organizations using this device, particularly in sectors relying on this hardware for network or file sharing services, face significant risks including system compromise and data breaches. Mitigation requires immediate network-level restrictions, disabling or isolating the vulnerable feature, and monitoring for suspicious activity.</p>