VYPR
Vendor

Raidsonic

Products
4
CVEs
3
Across products
4
Status
Private

Products

4

Recent CVEs

3
  • CVE-2013-10049CriAug 1, 2025
    risk 0.70cvss epss 0.02

    An OS command injection vulnerability exists in multiple Raidsonic NAS devices—specifically tested on IB-NAS5220 and IB-NAS4220—via the unauthenticated timeHandler.cgi endpoint exposed through the web interface. The CGI script fails to properly sanitize user-supplied input…

  • CVE-2008-7081Aug 25, 2009
    risk 0.00cvss epss 0.02

    userHandler.cgi in RaidSonic ICY BOX NAS firmware 2.3.2.IB.2.RS.1 allows remote attackers to bypass authentication and gain administrator privileges by setting the login parameter to admin. NOTE: the provenance of this information is unknown; the details are obtained solely from…

  • CVE-2008-1431Mar 20, 2008
    risk 0.00cvss epss 0.00

    RaidSonic NAS-4220-B with 2.6.0-n(2007-10-11) firmware stores a partition encryption key in an unencrypted /system/.crypt file with base64 encoding, which allows local users to obtain the key.