Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A buffer overflow vulnerability exists in the upload.cgi module of the iptime NAS firmware v1.5.04. The vulnerability arises due to the unsafe use of the strcpy function to copy attacker-controlled data from the CONTENT_TYPE HTTP header into a fixed-size stack buffer (v8, allocated 8 bytes) without bounds checking. Since this operation occurs before authentication logic is executed, the vulnerability is exploitable pre-authentication.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ipTIME NAS 安全漏洞
Vulnerability Description
ipTIME NAS是韩国ipTIME公司的一个无线路由器产品提供NAS网络附加存储 ipTIME NAS v1.5.04版本存在安全漏洞,该漏洞源于upload.cgi模块中strcpy函数使用不当,可能导致预认证缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A