|
|||
Rule General Information |
---|
Release Date: | 2014-03-31 | |
Rule Name: | QNAP VioStor NVR and QNAP NAS Remote Code Execution Vulnerability (CVE-2013-0143) | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Station Pro component in QNAP NAS, allows remote authenticated users to execute arbitrary commands by leveraging guest access and placing shell metacharacters in the query string. | |
Impact: | Remote code execution | |
Affected OS: | Other Unix, Linux | |
Reference: | CVE-2013-0143 |
|
Solutions |
---|
Update vendor's patch. |