VYPR
Vendor

Iptime

Products
4
CVEs
6
Across products
6
Status
Private

Products

4

Recent CVEs

6
  • CVE-2026-1740HigFeb 2, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was found in EFM ipTIME A8004T 14.18.2. This impacts the function httpcon_check_session_url of the file /cgi/timepro.cgi of the component Hidden Hiddenloginsetup Interface. The manipulation results in improper authentication. The attack may be performed from…

  • CVE-2024-54764MedJan 6, 2025
    risk 0.43cvss 6.5epss 0.01

    An access control issue in the component /login/hostinfo2.cgi of ipTIME A2004 v12.17.0 allows attackers to obtain sensitive information without authentication.

  • CVE-2024-54763MedJan 6, 2025
    risk 0.43cvss 6.5epss 0.01

    An access control issue in the component /login/hostinfo.cgi of ipTIME A2004 v12.17.0 allows attackers to obtain sensitive information without authentication.

  • CVE-2026-1742MedFeb 2, 2026
    risk 0.31cvss 4.7epss 0.00

    A vulnerability was identified in EFM ipTIME A8004T 14.18.2. Affected by this vulnerability is the function commit_vpncli_file_upload of the file /cgi/timepro.cgi of the component VPN Service. Such manipulation leads to unrestricted upload. It is possible to launch the attack…

  • CVE-2021-26620Mar 25, 2022
    risk 0.00cvss epss 0.01

    An improper authentication vulnerability leading to information leakage was discovered in iptime NAS2dual. Remote attackers are able to steal important information in the server by exploiting vulnerabilities such as insufficient authentication when accessing the shared folder…

  • CVE-2020-7879Nov 30, 2021
    risk 0.00cvss epss 0.01

    This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It is necessary to extract value for ipTIME IP camera because the ipTIME NAS send ans setCookie('[COOKIE]') . The value is transferred to the --header option in wget binary, and there…