CVE-2026-22625 identifies a vulnerability in the HIKSEMI HS-AFS-S1H1 network-attached storage (NAS) device, specifically in version V5.10.10_Build_251126. The root cause is improper handling of filenames, which falls under CWE-22, a path traversal weakness. This flaw allows an unauthenticated attacker with network access to craft specially designed filename requests that bypass normal directory restrictions, enabling access to sensitive system files that should otherwise be protected. The vulnerability does not require user interaction or privileges, increasing its risk profile. However, exploitation requires network-level access to the device, limiting the attack surface to internal or exposed networks. The CVSS v3.1 base score is 4.6, indicating medium severity, with high confidentiality impact but no impact on integrity or availability. No public exploits have been reported yet, and no patches are currently available, though the vendor has published the vulnerability details. This vulnerability could be leveraged for reconnaissance or information disclosure, potentially aiding further attacks against the affected systems or networks.

The primary impact of this vulnerability is unauthorized disclosure of sensitive system files, which can include configuration files, credentials, or other critical data stored on the NAS device. Exposure of such information can facilitate further attacks such as privilege escalation, lateral movement, or targeted exploitation of other vulnerabilities. Organizations relying on HIKSEMI HS-AFS-S1H1 devices for critical data storage or backup could face confidentiality breaches, potentially leading to data leaks or compliance violations. Since the vulnerability does not affect integrity or availability, direct disruption or data manipulation is unlikely. However, the information gained could indirectly compromise system security. The requirement for network access reduces the risk from remote attackers but does not eliminate threats from insider attackers or attackers who gain network access through other means. The absence of known exploits limits immediate risk but does not preclude future exploitation.

1. Restrict network access to the HIKSEMI HS-AFS-S1H1 NAS device by implementing strict firewall rules and network segmentation to limit exposure to trusted management networks only. 2. Monitor network traffic for unusual or unauthorized access attempts targeting the NAS device, especially requests involving suspicious filename patterns indicative of path traversal attempts. 3. Regularly audit and review access logs on the NAS device to detect potential reconnaissance or exploitation attempts. 4. Engage with the vendor to obtain and apply security patches or firmware updates as soon as they become available to address this vulnerability. 5. If patching is delayed, consider deploying virtual patching techniques such as web application firewalls (WAFs) or intrusion prevention systems (IPS) with custom rules to detect and block path traversal patterns. 6. Educate network administrators and security teams about this vulnerability to ensure timely response and monitoring. 7. Implement strong authentication and access controls on the NAS device to reduce risk from insider threats, even though the vulnerability does not require authentication.