Unrated severityNVD Advisory· Published Oct 17, 2022· Updated May 9, 2025

IPTIME NAS1DUAL CSRF Vulnerability

CVE-2022-23771

Description

This vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be exploited by a lack of validation when a POST request is made to this page. An attacker can use this vulnerability to or delete user accounts, or to escalate arbitrary user privileges.

Affected products

Efm Networks Co., Ltd/Nas1dual, Nas2dual, Nas4dualv5
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.krcert.or.kr/krcert/secNoticeView.domitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000