o EFM Networks released security update to address file download vulnerability in ipTIME NAS product.
o The ipTIME NAS product allows an arbitrary file upload vulnerability in the Manage Bulletins/Upload feature, which can be leveraged to gain remote code execution.
□ Affected Product
|ipTIME NAS-I, NAS-II, NAS-IIe, NAS101, NAS1dual, NAS2dual, NAS3, NAS4, NAS4dual
||1.4.35 and prior
o Update software over 1.4.36 version
o Thanks to JaeHyung Lee, InHyung Lee for reporting this vulnerability
□ 작성 : 침해사고분석단 취약점분석팀