A weakness has been identified in UGREEN DH2100+ up to 5.3.0.251125. This affects the function handler_file_backup_create of the file /v1/file/backup/create of the component nas_svr. Executing manipulation of the argument path can lead to buffer overflow. The attack can be executed remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
GHSA-mx5f-4vx4-2f5r: A weakness has been identified in UGREEN DH2100+ up to 5.3.0.251125. This affects the function...
UGREEN DH2100+ up to 5.3.0.251125 has a buffer overflow vulnerability in the nas_svr component, exploitable remotely via path manipulation in the handler_file_backup_create function.