This vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be exploited by a lack of validation when a POST request is made to this page. An attacker can use this vulnerability to or delete user accounts, or to escalate arbitrary user privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
iptime nas1dual firmware |
||
iptime nas2dual firmware |
||
iptime nas4dual firmware |