Efm Networks Co., Ltd
Products
5- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-24498 | 0.00 | — | 0.00 | Feb 27, 2026 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in EFM-Networks, Inc. IpTIME T5008, EFM-Networks, Inc. IpTIME AX2004M, EFM-Networks, Inc. IpTIME AX3000Q, EFM-Networks, Inc. IpTIME AX6000M allows Authentication Bypass.This issue affects ipTIME T5008: through 15.26.8; ipTIME AX2004M: through 15.26.8; ipTIME AX3000Q: through 15.26.8; ipTIME AX6000M: through 15.26.8. | |||
| CVE-2022-23771 | 0.00 | — | 0.00 | Oct 17, 2022 | This vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be exploited by a lack of validation when a POST request is made to this page. An attacker can use this vulnerability to or delete user accounts, or to escalate arbitrary user privileges. | |||
| CVE-2022-23765 | 0.00 | — | 0.00 | Aug 17, 2022 | This vulnerability occured by sending a malicious POST request to a specific page while logged in random user from some family of IPTIME NAS. Remote attackers can steal root privileges by changing the password of the root through a POST request. |
- CVE-2026-24498Feb 27, 2026risk 0.00cvss —epss 0.00
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in EFM-Networks, Inc. IpTIME T5008, EFM-Networks, Inc. IpTIME AX2004M, EFM-Networks, Inc. IpTIME AX3000Q, EFM-Networks, Inc. IpTIME AX6000M allows Authentication Bypass.This issue affects ipTIME T5008: through 15.26.8; ipTIME AX2004M: through 15.26.8; ipTIME AX3000Q: through 15.26.8; ipTIME AX6000M: through 15.26.8.
- CVE-2022-23771Oct 17, 2022risk 0.00cvss —epss 0.00
This vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be exploited by a lack of validation when a POST request is made to this page. An attacker can use this vulnerability to or delete user accounts, or to escalate arbitrary user privileges.
- CVE-2022-23765Aug 17, 2022risk 0.00cvss —epss 0.00
This vulnerability occured by sending a malicious POST request to a specific page while logged in random user from some family of IPTIME NAS. Remote attackers can steal root privileges by changing the password of the root through a POST request.