VYPR

NAS

by Drobo

CVEs (1)

  • CVE-2018-14700HigDec 3, 2018
    risk 0.49cvss 7.5epss 0.01

    Incorrect access control in the /mysql/api/logfile.php endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to retrieve MySQL log files via the "name" URL parameter.