Iptime Nas1dual Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Iptime Nas1dual Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-23765 — CVSS 8.0 (high): This vulnerability occured by sending a malicious POST request to a specific page while logged in random user from some family of IPTIME…
CVE-2022-23771 — CVSS 8.0 (high): This vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be…
CVE-2021-26620 — CVSS 7.5 (high): An improper authentication vulnerability leading to information leakage was discovered in iptime NAS2dual. Remote attackers are able to…
CVE-2020-7847 — CVSS 7.4 (high): The ipTIME NAS product allows an arbitrary file upload vulnerability in the Manage Bulletins/Upload feature, which can be leveraged to gain…