CVE-2022-23765 Information

Description

This vulnerability occured by sending a malicious POST request to a specific page while logged in random user from some family of IPTIME NAS. Remote attackers can steal root privileges by changing the password of the root through a POST request.

Reference

https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66877