High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-25	CVE-2021-26620	Improper Authentication vulnerability in Iptime products An improper authentication vulnerability leading to information leakage was discovered in iptime NAS2dual. network low complexity iptime CWE-287	7.5
2021-02-23	CVE-2020-7847	Unrestricted Upload of File with Dangerous Type vulnerability in Iptime products The ipTIME NAS product allows an arbitrary file upload vulnerability in the Manage Bulletins/Upload feature, which can be leveraged to gain remote code execution. low complexity iptime CWE-434	8.0