5 matches found
CVE-2022-23771
This vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be exploited by a lack of validation when a POST request is made to this page. An attacker can use this vulnerability to or delete user accounts, or to escalate arbitrar...
CVE-2020-7879
This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It is necessary to extract value for ipTIME IP camera because the ipTIME NAS send ans setCookie'COOKIE' . The value is transferred to the --header option in wget binary, and there is no validation check...
EUVD-2022-28707
Malicious code in bioql PyPI...
EUVD-2022-28701
Malicious code in bioql PyPI...
PT-2022-16252 · Iptime · Iptime Nas
Name of the Vulnerable Software and Affected Versions: IPTIME NAS affected versions not specified Description: The issue occurs when a malicious POST request is sent to a specific page while logged in as a random user from some family of IPTIME NAS. This allows remote attackers to steal root...