cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Station Pro component in QNAP NAS, allows remote authenticated users to execute arbitrary commands by leveraging guest access and placing shell metacharacters in the query string.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/927644 | US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: certcc
Published: 2022-10-03T16:15:05
Updated: 2022-10-03T16:15:05
Reserved: 2022-10-03T00:00:00
Link: CVE-2013-0143
JSON object: View
NVD Information
Status : Analyzed
Published: 2013-06-07T20:55:01.347
Modified: 2013-06-10T04:00:00.000
Link: CVE-2013-0143
JSON object: View
Redhat Information
No data.
CWE