CVE-2021-42848 (a1_firmware, t1_firmware, t2_firmware, t2pro_firmware, x1_firmware)

An information disclosure vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an unauthenticated user to retrieve device and networking details.

Source