Description
Improper handling of filenames in certain HIKSEMI NAS products may lead to the exposure of sensitive system files.
Published: 2026-01-30
Score: 4.6 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Sensitive System File Exposure
Action: Assess Impact
AI Analysis

Impact

This vulnerability (CWE-22, path traversal) stems from the NAS device's inadequate validation of user-supplied filenames, which allows directory boundaries to be crossed. By supplying a crafted filename, an attacker can make the device read files outside the intended directory, potentially exposing configuration data and other sensitive system files. The consequence is a confidentiality breach that could leak privileged information; the CVSS vector records no integrity or availability impact.
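
The pattern behind the flaw and its fix, shown as an added illustration rather than HIKSEMI's code (the share root, function names and the throwaway files are assumptions for this example): a naive join lets a crafted name such as ../config.txt climb out of the share, whereas canonicalising the joined path and checking that it still sits under the root rejects literal traversal, absolute paths and symlinks that point outside the share.

```python
import os
import tempfile


def read_file_unsafe(share_root: str, filename: str) -> bytes:
    """Vulnerable pattern (CWE-22): the user-supplied name is joined to the
    share root with no check on where the resulting path ends up, so
    '..' segments walk out of the directory the service is meant to serve."""
    path = os.path.join(share_root, filename)
    with open(path, "rb") as fh:
        return fh.read()


def resolve_safely(share_root: str, filename: str) -> str:
    """Return an absolute path that is guaranteed to lie inside share_root,
    or raise ValueError.

    Percent-decoding is assumed to have happened exactly once upstream (in
    the HTTP layer); this function judges the decoded name it is given.
    """
    if not filename or "\x00" in filename:
        raise ValueError("empty filename or embedded NUL")
    if os.path.isabs(filename):
        raise ValueError("absolute paths are not accepted")
    root = os.path.realpath(share_root)
    # realpath collapses '..' and follows symlinks, so a link inside the
    # share that points outside it is caught as well as a literal '../'.
    candidate = os.path.realpath(os.path.join(root, filename))
    # commonpath compares whole segments: '/srv/share2' is not "inside"
    # '/srv/share', which a plain startswith() check would get wrong.
    if os.path.commonpath([root, candidate]) != root:
        raise ValueError("path escapes the share root")
    return candidate


def read_file_safe(share_root: str, filename: str) -> bytes:
    with open(resolve_safely(share_root, filename), "rb") as fh:
        return fh.read()


def demo() -> dict:
    """Build a throwaway layout (constructed for this example): a share
    directory plus a 'system' file beside it, then try both readers."""
    base = tempfile.mkdtemp()
    share = os.path.join(base, "share")
    os.makedirs(share)
    secret = os.path.join(base, "config.txt")  # lives outside the share
    with open(secret, "w") as fh:
        fh.write("secret=1")
    with open(os.path.join(share, "public.txt"), "w") as fh:
        fh.write("hello")
    os.symlink(secret, os.path.join(share, "link.txt"))  # symlink escaping the share

    def blocked(name: str) -> bool:
        try:
            read_file_safe(share, name)
            return False
        except ValueError:
            return True

    return {
        "unsafe_leaks_secret": read_file_unsafe(share, "../config.txt") == b"secret=1",
        "safe_serves_public": read_file_safe(share, "public.txt") == b"hello",
        "safe_blocks_dotdot": blocked("../config.txt"),
        "safe_blocks_symlink": blocked("link.txt"),
        "safe_blocks_absolute": blocked(secret),
    }


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {ok}")
```

The check deliberately works on the canonical path rather than on the input string, so it does not need a list of bad substrings; any name, however spelled, is accepted only if the file it finally resolves to is under the share root.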

Affected Systems

The affected product is the HIKSEMI HS‑AFS‑S1H1 NAS. Version details are not disclosed, so any firmware version currently running on this device is considered at risk until the vendor issues a fix.

Risk and Exploitability

The CVSS 3.1 base score of 4.6 (vector CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) rates the issue Medium: physical access (AV:P) is required, no privileges or user interaction are needed, and the impact is a high loss of confidentiality with no integrity or availability effect. The EPSS score below 1% indicates that exploitation in the wild is very unlikely, the vulnerability is not catalogued as a known exploited vulnerability by CISA, and the SSVC assessment records Exploitation: none, Automatable: no and Technical Impact: partial. Nonetheless, an attacker who can reach the NAS file-handling interface could read restricted files, so organizations should monitor access logs for filenames containing traversal sequences and apply a patch as soon as one becomes available.
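
One way to do the log monitoring suggested above, as an added example that is not part of the OpenCVE analysis or any HIKSEMI tooling: the log lines and their "timestamp client method request status" layout are constructed for this example, and the name of the file parameter is an assumption. The detector decodes percent-encoding until it stops changing, so single- and double-encoded traversal is judged on the path it becomes, and it only flags '..' when it forms a whole path segment, so ordinary names containing two dots are left alone.

```python
import re
from urllib.parse import unquote

# Constructed sample log (not a real HIKSEMI format; the field layout
# "timestamp client method request status" is an assumption for this example).
SAMPLE_LOG = """\
2026-01-30T10:01:02Z 192.168.1.20 GET /api/file?name=photos/cat.jpg 200
2026-01-30T10:01:05Z 192.168.1.20 GET /api/file?name=../../etc/passwd 200
2026-01-30T10:01:07Z 192.168.1.31 GET /api/file?name=..%2F..%2Fetc%2Fshadow 403
2026-01-30T10:01:09Z 192.168.1.31 GET /api/file?name=%252e%252e%252fetc%252fhosts 200
2026-01-30T10:01:11Z 192.168.1.40 GET /api/file?name=docs/report..final.pdf 200
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) (?P<method>[A-Z]+) (?P<request>\S+) (?P<status>\d{3})$"
)
# A '..' that forms a whole path segment: start or separator before it,
# separator or end after it. 'report..final.pdf' is an ordinary name.
TRAVERSAL_RE = re.compile(r"(?:^|[\\/])\.\.(?:[\\/]|$)")


def normalize(value: str, max_rounds: int = 3) -> str:
    """Percent-decode until the string stops changing (bounded), so a
    double-encoded '%252e%252e%252f' is judged as the '../' it becomes."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def query_params(request: str) -> dict:
    """Split the query string without decoding, so normalize() controls decoding."""
    _, _, query = request.partition("?")
    return dict(p.split("=", 1) for p in query.split("&") if "=" in p)


def find_traversal(log_text: str, param: str = "name") -> list:
    """Return one finding per request whose file parameter contains a
    traversal segment; 'served' is True when the device answered 200."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        raw = query_params(m.group("request")).get(param, "")
        name = normalize(raw)
        if TRAVERSAL_RE.search(name):
            findings.append({
                "ts": m.group("ts"),
                "src": m.group("src"),
                "raw": raw,
                "name": name,
                "served": m.group("status") == "200",
            })
    return findings


if __name__ == "__main__":
    for f in find_traversal(SAMPLE_LOG):
        flag = "SERVED" if f["served"] else "blocked"
        print(f"{f['ts']} {f['src']} {flag}: {f['raw']} -> {f['name']}")
```

A request that was served (status 200) with a traversal name is the one worth investigating first; a 403 shows the device refused it but still records an attempt from that client.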

Generated by OpenCVE AI on April 18, 2026 at 01:10 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor-released patch once one is published, or update the HS‑AFS‑S1H1 firmware to a version that corrects the filename validation logic.
  • If a patch is not yet available, restrict the NAS interface to trusted hosts only and disable any services that allow user-supplied filenames or remote file uploads.
  • Enforce strict file permission controls on the NAS, ensuring that only authorized processes can read system files, thereby limiting the impact of any path traversal attempt.

Advisories

No advisories yet.

History

Sat, 18 Apr 2026 01:30:00 +0000
  Title, value added: Exposing Sensitive System Files via Improper Filename Handling

Fri, 27 Feb 2026 15:15:00 +0000
  Weaknesses, value added: CWE-22

Tue, 03 Feb 2026 15:00:00 +0000
  First Time appeared, values added: Hiksemi; Hiksemi hs-afs-s1h1
  Vendors & Products, values added: Hiksemi; Hiksemi hs-afs-s1h1

Fri, 30 Jan 2026 13:15:00 +0000
  Metrics, value added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 30 Jan 2026 11:15:00 +0000
  Description, value added: Improper handling of filenames in certain HIKSEMI NAS products may lead to the exposure of sensitive system files.
  References
  Metrics, value added: cvssV3_1 {'score': 4.6, 'vector': 'CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}


MITRE

Status: PUBLISHED

Assigner: hikvision

Published:

Updated: 2026-02-27T14:42:08.422Z

Reserved: 2026-01-08T05:37:27.997Z

Link: CVE-2026-22625

Vulnrichment

Updated: 2026-01-30T12:42:46.027Z

NVD

Status : Deferred

Published: 2026-01-30T11:15:55.893

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-22625

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T01:15:05Z

Weaknesses