Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8
CVSSv3

CVE-2020-7847

Published: 23/02/2021 Updated: 27/02/2021
CVSS v2 Base Score: 5.2 | Impact Score: 6.4 | Exploitability Score: 5.1
CVSS v3 Base Score: 8 | Impact Score: 5.9 | Exploitability Score: 2.1
VMScore: 463
Vector: AV:A/AC:L/Au:S/C:P/I:P/A:P
Subscribe to Nas-i Firmware

Vulnerability Summary

The ipTIME NAS product allows an arbitrary file upload vulnerability in the Manage Bulletins/Upload feature, which can be leveraged to gain remote code execution. This issue affects: pTIME NAS 1.4.36.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

iptime nas-i_firmware

iptime nas-ii_firmware

iptime nas-iie_firmware

iptime nas101_firmware

iptime nas1dual_firmware

iptime nas2dual_firmware

iptime nas3_firmware

iptime nas4_firmware

iptime nas4dual_firmware

References

CWE-434https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35921https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmwareCVE-2023-52866CVE-2024-4367CVE-2024-1721CVE-2023-34992XML injectionCVE-2023-52817SQLCVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook