JVNDB-2025-001017

Multiple vulnerabilities in STEALTHONE D220/D340/D440

Overview

The STEALTHONE D220/D340/D440 network storage servers provided by Y'S corporation contain the multiple vulnerabilities listed below.

* OS Command Injection (CWE-78) - CVE-2025-20016
* OS Command Injection (CWE-78) - CVE-2025-20055
* SQL Injection (CWE-89) - CVE-2025-20620

Chuya Hayakawa and Ryo Kamino of 00One, Inc. reported these vulnerabilities to JPCERT/CC.
JPCERT/CC coordinated with the developer.

CVSS Severity

CVSS V3 Severity:
Base Metrics: 9.8 (Critical)
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
The above CVSS base score has been assigned to CVE-2025-20055


CVSS V3 Severity:
Base Metrics: 7.5 (High)
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: None
  • Availability Impact: None
The above CVSS base score has been assigned to CVE-2025-20620


CVSS V3 Severity:
Base Metrics: 7.2 (High)
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: High
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
The above CVSS base score has been assigned to CVE-2025-20016

Affected Products

Y'S corporation
  • STEALTHONE D220 firmware v6.03.02 and earlier - CVE-2025-20016, CVE-2025-20055, CVE-2025-20620
  • STEALTHONE D340 firmware v6.03.02 and earlier - CVE-2025-20016, CVE-2025-20055, CVE-2025-20620
  • STEALTHONE D440 firmware v7.00.10 and earlier - CVE-2025-20016

Impact

* A user with administrative privileges who has logged in to the web management page of the affected product may execute an arbitrary OS command (CVE-2025-20016)
* An attacker who can access the affected product may execute an arbitrary OS command (CVE-2025-20055)
* An attacker who can access the affected product may obtain the administrative password of the web management page (CVE-2025-20620)

Solution

[Update the firmware]
Update the firmware to the latest version according to the information provided by the developer.

Vendor Information

Y'S corporation

CWE

  1. OS Command Injection (CWE-78)
  2. SQL Injection (CWE-89)

CVE

  1. CVE-2025-20016
  2. CVE-2025-20055
  3. CVE-2025-20620

References

  1. JVN: JVNVU#99653331

Revision History

  • [2025/01/15]
      Web page was published