High severity8.0NVD Advisory· Published Aug 17, 2022· Updated Jun 17, 2026
CVE-2022-23765
CVE-2022-23765
Description
This vulnerability occured by sending a malicious POST request to a specific page while logged in random user from some family of IPTIME NAS. Remote attackers can steal root privileges by changing the password of the root through a POST request.
Affected products
2- Range: unspecified
Patches
Vulnerability mechanics
References
1- www.krcert.or.kr/krcert/secNoticeView.donvdThird Party Advisory
News mentions
0No linked articles in our index yet.