Vulners
Lucene search
| Reporter | Title | Published | Views | Family All 13 |
|---|---|---|---|---|
 | EasyNas 1.1.0 - OS Command Injection Exploit | 6 Apr 202300:00 | – | zdt |
 | Exploit for OS Command Injection in Easynas | 29 Jun 202315:23 | – | githubexploit |
 | The vulnerability of the /backup.pl component of the EasyNAS operating system’s network storage solution, allowing a hacker to execute arbitrary commands. | 15 Nov 202300:00 | – | bdu_fstec |
 | CVE-2023-0830 | 14 Feb 202320:41 | – | circl |
 | EasyNAS 操作系统命令注入漏洞 | 14 Feb 202300:00 | – | cnnvd |
 | CVE-2023-0830 EasyNAS backup.pl system os command injection | 14 Feb 202316:13 | – | cvelist |
 | EasyNas 1.1.0 - OS Command Injection | 6 Apr 202300:00 | – | exploitdb |
 | CVE-2023-0830 | 14 Feb 202317:15 | – | nvd |
 | CVE-2023-0830 | 14 Feb 202317:15 | – | osv |
 | EasyNas 1.1.0 Command Injection | 6 Apr 202300:00 | – | packetstorm |
10
[
{
"vendor": "n/a",
"product": "EasyNAS",
"versions": [
{
"version": "1.1.0",
"status": "affected"
}
]
}
]| Source | Link |
|---|---|
| vuldb | www.vuldb.com/ |
| github | www.github.com/xbz0n/CVE-2023-0830 |
| exploit-db | www.exploit-db.com/exploits/51266 |
| vuldb | www.vuldb.com/ |
| vuldb | www.vuldb.com/ |
| gist | www.gist.github.com/xbz0n/674af0e802efaaafe90d2f67464c2690 |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| usr | request body | easynas/login.pl | OS command injection via login to EasyNAS allowing remote command execution | CWE-78, CWE-77 |
| pwd | request body | easynas/login.pl | OS command injection via login to EasyNAS allowing remote command execution | CWE-78, CWE-77 |
| action | request body | easynas/login.pl | OS command injection via login to EasyNAS allowing remote command execution | CWE-78, CWE-77 |
| action | query param | easynas/backup.pl | OS command injection via backup.pl causing command execution through crafted backup parameter | CWE-78, CWE-77 |
| menu | query param | easynas/backup.pl | OS command injection via backup.pl causing command execution through crafted backup parameter | CWE-78, CWE-77 |
| .submit | query param | easynas/backup.pl | OS command injection via backup.pl causing command execution through crafted backup parameter | CWE-78, CWE-77 |
| name | query param | easynas/backup.pl | OS command injection via backup.pl causing command execution through crafted backup parameter | CWE-78, CWE-77 |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Jun 2026 05:26Current
7.8High risk
Vulners AI Score7.8
CVSS 3.16.3 - 8.8
CVSS 45.3
CVSS 26.5
CVSS 36.3
EPSS0.20862