Vulnerabilities > Iptime > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-17 | CVE-2022-23771 | Cross-Site Request Forgery (CSRF) vulnerability in Iptime products This vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. | 8.8 |
| 2022-08-17 | CVE-2022-23765 | Cross-Site Request Forgery (CSRF) vulnerability in Iptime products This vulnerability occured by sending a malicious POST request to a specific page while logged in random user from some family of IPTIME NAS. | 8.8 |
| 2022-03-25 | CVE-2021-26620 | Improper Authentication vulnerability in Iptime products An improper authentication vulnerability leading to information leakage was discovered in iptime NAS2dual. | 7.5 |
| 2021-02-23 | CVE-2020-7847 | Unrestricted Upload of File with Dangerous Type vulnerability in Iptime products The ipTIME NAS product allows an arbitrary file upload vulnerability in the Manage Bulletins/Upload feature, which can be leveraged to gain remote code execution. | 8.0 |
| 2021-02-17 | CVE-2020-7848 | Command Injection vulnerability in Iptime C200 Firmware 1.0.12 The EFM ipTIME C200 IP Camera is affected by a Command Injection vulnerability in /login.cgi?logout=1 script. | 8.0 |