26 matches found
EUVD-2013-0185
Malware in sbrugna...
EUVD-2013-0187
Malware in sbrugna...
CVE-2023-47565
An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QVR Firmwar...
CVE-2013-0142
QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance Station Pro component in QNAP NAS, have a hardcoded guest account, which allows remote attackers to obtain web-server login access via unspecified vectors...
CVE-2013-0144
Cross-site request forgery CSRF vulnerability in cgi-bin/createuser.cgi on QNAP VioStor NVR devices with firmware 4.0.3 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts via a NEW USER action...
CVE-2013-0143
cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Station Pro component in QNAP NAS, allows remote authenticated users to execute arbitrary commands by leveraging guest access and placing shell metacharacters in the query string...
Qnap VioStor Detection
Binary data qnapviostordetect.nbin...
Qnap VioStor < 5.0.0 Command Injection (CVE-2023-47565)
Binary data qnapviostorCVE-2023-47565.nbin...
Qnap VioStor < 5.0.0 Command Injection (CVE-2023-47565)
The version of Qnap VioStor installed on the remote host is prior to 5.0.0. It is, therefore, affected by an OS command injection vulnerability. If exploited, the vulnerability could allow authenticated users to execute commands. Note that Nessus has not tested for these issues but has instead...
Actively Exploited Vulnerability in QNAP VioStor NVR: Fixed, Patches Available
...
CVE-2023-47565
An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QVR Firmwar...
Command injection
An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QVR Firmwar...
CVE-2023-47565 Legacy VioStor NVR
An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QVR Firmwar...
CVE-2023-47565
CVE-2023-47565 affects legacy QNAP VioStor NVRs prior to QVR Firmware 5.x, where an OS command injection (CWE-78) in QVR Firmware 4.x could let an authenticated user execute commands over the network. Affected component is the VioStor NVR’s QVR firmware (pre-5.x). The vulnerability’s root cause i...
CVE-2023-47565 Legacy VioStor NVR
An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QVR Firmwar...
PT-2023-8130
Name of the Vulnerable Software and Affected Versions QNAP VioStor NVR models running QVR Firmware versions prior to 5.0.0 Description An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models. If exploited, the vulnerability could allow authenticated users to...
CVE-2021-38685
A command injection vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability allows remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QVR: QVR FW 5.1.6 build 20211109 and later...
CVE-2021-38686
An improper authentication vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of QVR: QVR FW 5.1.6 build 20211109 and later...
Authentication flaw
An improper authentication vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of QVR: QVR FW 5.1.6 build 20211109 and later...
CVE-2021-38686 Improper Authentication Vulnerability in VioStor
An improper authentication vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of QVR: QVR FW 5.1.6 build 20211109 and later...