CNNVD-202507-3808 Information
CNNVD ID
CNNVD-202507-3808
Related CVE
- CNNVD Published: 2025-07-30
Description (Chinese)
ipTIME NAS是韩国ipTIME公司的一个无线路由器产品提供NAS网络附加存储 ipTIME NAS v1.5.04版本存在安全漏洞,该漏洞源于upload.cgi模块中strcpy函数使用不当,可能导致预认证缓冲区溢出。
Description (English)
IpTIME NAS is a non-wire-wire-wired product of ipTIME Korea providing additional storage of NAS network The security loophole in version ipTIME NAS v1.5.04 stems from the inappropriate use of the stcpy function in the upload.cgi module, which may lead to pre-accreditation of the buffer zone spills.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
ipTIME
Published
2025-07-30
Last Modified
2026-02-24
References
https://lafdrew.github.io/2025/04/25/Buffer-Overflow-in-upload-cgi-of-iptime-nas-1-5-04/ https://github.com/lafdrew/IOT/blob/main/iptime_nas_1.5.04/Buffer-Overflow-in-upload-cgi-of-iptime-nas-1-5-04.md https://access.redhat.com/security/cve/cve-2025-50464
Patch
https://iptime.com/iptime/?page_id=126&uid=20311&mod=document
Share on: