header-logo
Suggest Exploit
vendor:
VioStor NVR and QNAP NAS
by:
SecurityFocus
9,8
CVSS
HIGH
Remote Code-Execution
78
CWE
Product Name: VioStor NVR and QNAP NAS
Affected Version From: 4.0.3
Affected Version To: 4.0.3
Patch Exists: YES
Related CWE: N/A
CPE: a:qnap:vio_stor_nvr
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2013

QNAP VioStor NVR and QNAP NAS Remote Code-Execution Vulnerability

QNAP VioStor NVR and QNAP NAS are prone to a remote code-execution vulnerability. Successfully exploiting this issue may allow an attacker to execute arbitrary code with elevated privileges in the context of the user running the affected application. The vulnerable versions are QNAP VioStor NVR running firmware 4.0.3 and QNAP NAS.

Mitigation:

Users should upgrade to the latest version of the software.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/60354/info

QNAP VioStor NVR and QNAP NAS are prone to a remote code-execution vulnerability.

Successfully exploiting this issue may allow an attacker to execute arbitrary code with elevated privileges in the context of the user running the affected application.

The following are vulnerable:

QNAP VioStor NVR running firmware 4.0.3.
QNAP NAS 

http://www.example.com/cgi-bin/pingping.cgi?ping_ip=1;whoami

Navigation

Suggest Exploit

Services By CQR