185 matches found
CVE-2020-7848
The EFM ipTIME C200 IP Camera is affected by a Command Injection vulnerability in /login.cgi?logout=1 script. To exploit this vulnerability, an attacker can send a GET request that executes arbitrary OS commands via cookie value...
CVE-2024-54764
An access control issue in the component /login/hostinfo2.cgi of ipTIME A2004 v12.17.0 allows attackers to obtain sensitive information without authentication...
CVE-2024-54763
An access control issue in the component /login/hostinfo.cgi of ipTIME A2004 v12.17.0 allows attackers to obtain sensitive information without authentication...
PT-2025-3069 · Iptime · Iptime A2004
Name of the Vulnerable Software and Affected Versions: ipTIME A2004 version 12.17.0 Description: An access control issue in the component /login/hostinfo.cgi allows attackers to obtain sensitive information without authentication. Recommendations: For ipTIME A2004 version 12.17.0, consider...
PT-2025-3070 · Iptime · Iptime A2004
Name of the Vulnerable Software and Affected Versions: ipTIME A2004 version 12.17.0 Description: An access control issue in the component "/login/hostinfo2.cgi" of ipTIME A2004 allows attackers to obtain sensitive information without authentication. Recommendations: For ipTIME A2004 version...
ipTIME A2004 安全漏洞
The ipTIME A2004 is a router from the Korean company ipTIME. A security vulnerability exists in ipTIME A2004 version v12.17.0, which originates from improper access control. An attacker can exploit the vulnerability to gain access to sensitive information...
CVE-2024-54764
ipTIME A2004 is affected by CVE-2024-54764 due to an access control flaw in /login/hostinfo2.cgi (firmware v12.17.0). Unauthenticated attackers can read sensitive information and device configuration. Root cause: improper access control. Affected: ipTIME A2004, firmware 12.17.0. Impact: informati...
CVE-2024-54764
An access control issue in the component /login/hostinfo2.cgi of ipTIME A2004 v12.17.0 allows attackers to obtain sensitive information without authentication...
ipTIME A2004 安全漏洞
The ipTIME A2004 is a router from the Korean company ipTIME. A security vulnerability exists in ipTIME A2004 version v12.17.0, which originates from improper access control. An attacker can exploit the vulnerability to gain access to sensitive information...
CVE-2024-54763
An access control issue in the component /login/hostinfo.cgi of ipTIME A2004 v12.17.0 allows attackers to obtain sensitive information without authentication...
CVE-2024-54763
An access control issue in the component /login/hostinfo.cgi of ipTIME A2004 v12.17.0 allows attackers to obtain sensitive information without authentication...
CVE-2024-54763
The CVE-2024-54763 entry concerns the ipTIME A2004 router (v12.17.0). The issue is an access-control flaw in the /login/hostinfo.cgi component that allows unauthenticated attackers to obtain sensitive device information. The Nuclei template and related sources corroborate unauthenticated access t...
CVE-2024-54764
An access control issue in the component /login/hostinfo2.cgi of ipTIME A2004 v12.17.0 allows attackers to obtain sensitive information without authentication...
CVE-2022-23771
This vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be exploited by a lack of validation when a POST request is made to this page. An attacker can use this vulnerability to or delete user accounts, or to escalate arbitrar...
CVE-2022-23771
This vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be exploited by a lack of validation when a POST request is made to this page. An attacker can use this vulnerability to or delete user accounts, or to escalate arbitrar...
Design/Logic Flaw
This vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be exploited by a lack of validation when a POST request is made to this page. An attacker can use this vulnerability to or delete user accounts, or to escalate arbitrar...
CVE-2022-23771 IPTIME NAS1DUAL CSRF Vulnerability
This vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be exploited by a lack of validation when a POST request is made to this page. An attacker can use this vulnerability to or delete user accounts, or to escalate arbitrar...
CVE-2022-23771 IPTIME NAS1DUAL CSRF Vulnerability
This vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be exploited by a lack of validation when a POST request is made to this page. An attacker can use this vulnerability to or delete user accounts, or to escalate arbitrar...
ipTIME NAS 跨站请求伪造漏洞
ipTIME NAS is a wireless router product from South Korea's ipTIME Corporation that provides NAS network attached storage. A security vulnerability exists in ipTIME NAS that stems from a lack of validation of POST requests sent to a page. An attacker can exploit this vulnerability to delete user...
CVE-2022-23771
This CVE-2022-23771 entry relates to ipTIME NAS products and describes a CSRF-like flaw on user account creation/deletion pages. The vulnerability stems from insufficient validation of POST requests, enabling an attacker to delete user accounts or escalate privileges. The connected documents corr...