Nas1dual Firmware Security Vulnerabilities and Issues — Nas1dual Firmware CVE List

Lucene search

IptimeNas1dual Firmware

3 matches found

CVE•added 2022/08/17 9:15 p.m.•524 views

CVE-2022-23765

This vulnerability occured by sending a malicious POST request to a specific page while logged in random user from some family of IPTIME NAS. Remote attackers can steal root privileges by changing the password of the root through a POST request.

8.8CVSS8.4AI score0.00276EPSS

CVE•added 2021/02/23 4:15 p.m.•36 views

CVE-2020-7847

The ipTIME NAS product allows an arbitrary file upload vulnerability in the Manage Bulletins/Upload feature, which can be leveraged to gain remote code execution. This issue affects: pTIME NAS 1.4.36.

8CVSS8.3AI score0.00274EPSS

CVE•added 2022/10/17 4:15 p.m.•35 views

CVE-2022-23771

This vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be exploited by a lack of validation when a POST request is made to this page. An attacker can use this vulnerability to or delete user accounts, or to escalate arbitrary ...

8.8CVSS8.4AI score0.00095EPSS