Vulnerabilities > Iptime > NAS I Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-03-25 CVE-2021-26620 Improper Authentication vulnerability in Iptime products
An improper authentication vulnerability leading to information leakage was discovered in iptime NAS2dual.
network
low complexity
iptime CWE-287
7.5
2021-02-23 CVE-2020-7847 Unrestricted Upload of File with Dangerous Type vulnerability in Iptime products
The ipTIME NAS product allows an arbitrary file upload vulnerability in the Manage Bulletins/Upload feature, which can be leveraged to gain remote code execution.
low complexity
iptime CWE-434
8.0