Zspace Q2C Nas Firmware vulnerabilities
3 known vulnerabilities affecting zspace/q2c_nas_firmware.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3
Vulnerabilities
Page 1 of 1
CVE-2025-14107P2HIGHCVSS 8.8≤ 1.1.02100502025-12-05
CVE-2025-14107 [HIGH] CWE-74 CVE-2025-14107: A security flaw has been discovered in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this vulnerabil
A security flaw has been discovered in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this vulnerability is the function zfilev2_api.SafeStatus of the file /v2/file/safe/status of the component HTTP POST Request Handler. The manipulation of the argument safe_dir results in command injection. The attack may be performed from remote. The exploit has been
nvd
CVE-2025-14106P2HIGHCVSS 8.8≤ 1.1.02100502025-12-05
CVE-2025-14106 [HIGH] CWE-74 CVE-2025-14106: A vulnerability was identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected is the function zfilev2
A vulnerability was identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected is the function zfilev2_api.CloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. The manipulation of the argument safe_dir leads to command injection. The attack is possible to be carried out remotely. The exploit is publicly available and migh
nvd
CVE-2025-14108P2HIGHCVSS 8.8≤ 1.1.02100502025-12-05
CVE-2025-14108 [HIGH] CWE-74 CVE-2025-14108: A weakness has been identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this issue is the fu
A weakness has been identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this issue is the function zfilev2_api.OpenSafe of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation of the argument safe_dir causes command injection. It is possible to initiate the attack remotely. The exploit has been made availabl
nvd