Vulnerabilities > Iptime > NAS IIE Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-25 | CVE-2021-26620 | Improper Authentication vulnerability in Iptime products An improper authentication vulnerability leading to information leakage was discovered in iptime NAS2dual. | 5.0 |
| 2021-02-23 | CVE-2020-7847 | Unrestricted Upload of File with Dangerous Type vulnerability in Iptime products The ipTIME NAS product allows an arbitrary file upload vulnerability in the Manage Bulletins/Upload feature, which can be leveraged to gain remote code execution. | 5.2 |