VYPR
High severity8.0NVD Advisory· Published Aug 17, 2022· Updated Jun 17, 2026

CVE-2022-23765

CVE-2022-23765

Description

This vulnerability occured by sending a malicious POST request to a specific page while logged in random user from some family of IPTIME NAS. Remote attackers can steal root privileges by changing the password of the root through a POST request.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.