5 matches found
CVE-2022-23765
This vulnerability occured by sending a malicious POST request to a specific page while logged in random user from some family of IPTIME NAS. Remote attackers can steal root privileges by changing the password of the root through a POST request...
CVE-2022-23765
creationtimestamp| type| source ---|---|--- 2022-08-18 00:40:55+00:00| seen| https://t.me/cibsecurity/48315...
CVE-2022-23765
This vulnerability occured by sending a malicious POST request to a specific page while logged in random user from some family of IPTIME NAS. Remote attackers can steal root privileges by changing the password of the root through a POST request...
CVE-2022-23765
This vulnerability occured by sending a malicious POST request to a specific page while logged in random user from some family of IPTIME NAS. Remote attackers can steal root privileges by changing the password of the root through a POST request...
CVE-2022-23765
CVE-2022-23765 describes a CSRF flaw in IPTIME NAS family devices. A malicious POST request to a specific page (while a user is logged in) can allow remote attackers to change the root password, effectively gaining root privileges. The connected documents corroborate the risk as described, with m...