VYPR

NAS CD3510

by ORICO

CVEs (2)

  • CVE-2025-14220MedDec 8, 2025
    risk 0.28cvss 4.3epss 0.00

    A security vulnerability has been detected in ORICO CD3510 1.9.12. This affects an unknown function of the component File Upload. The manipulation leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor…

  • CVE-2025-69429Feb 3, 2026
    risk 0.00cvss epss 0.00

    The ORICO NAS CD3510 (version V1.9.12 and below) contains an Incorrect Symlink Follow vulnerability that could be exploited by attackers to leak or tamper with the internal file system. Attackers can format a USB drive to ext4, create a symbolic link to its root directory,…