Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2013-0144
cve-2013-0144
csrf
qnap
viostor
nvr
firmware 4.0.3
security vulnerability
csrf vulnerability
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
31.1%
Cross-site request forgery (CSRF) vulnerability in cgi-bin/create_user.cgi on QNAP VioStor NVR devices with firmware 4.0.3 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts via a NEW USER action.
Affected configurations
Node
qnapviostor_network_video_recorderMatch4.0.3
qnapviostor_network_video_recorderMatch-
References
Related
prion
prion
Cross site request forgery (csrf)
2013-06-07 20:55:00
cvelist
cvelist
CVE-2013-0144
2022-10-03 16:15:04
nvd
nvd
CVE-2013-0144
2013-06-07 20:55:01
openvas
openvas
Qnap Multiple Vulnerabilities
2013-06-07 00:00:00
cert
cert
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
31.1%
Related for CVE-2013-0144