An improper authentication vulnerability leading to information leakage was discovered in iptime NAS2dual. Remote attackers are able to steal important information in the server by exploiting vulnerabilities such as insufficient authentication when accessing the shared folder and changing userβs...
7.5CVSS
7.7AI Score
0.002EPSS
This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It is necessary to extract value for ipTIME IP camera because the ipTIME NAS send ans setCookie('[COOKIE]') . The value is transferred to the --header option in wget binary, and there is no validation...
9.8CVSS
7.8AI Score
0.005EPSS