Lucene search
K

20 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:39 a.m.9 views

CVE-2013-0144

Cross-site request forgery CSRF vulnerability in cgi-bin/createuser.cgi on QNAP VioStor NVR devices with firmware 4.0.3 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts via a NEW USER action...

6.8CVSS7.6AI score0.00619EPSS
Exploits0References1
ICS
ICS
added 2023/12/21 7:0 a.m.38 views

QNAP VioStor NVR

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available/known public exploitation Vendor : QNAP Equipment : VioStor NVR Vulnerability : OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability...

8.8CVSS8.9AI score0.73277EPSS
Exploits0References8
NVD
NVD
added 2023/12/08 4:15 p.m.33 views

CVE-2023-47565

An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QVR Firmwar...

8.8CVSS0.73277EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/12/08 4:15 p.m.33 views

CVE-2023-47565

An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QVR Firmwar...

8.8CVSS7.4AI score0.73277EPSS
In wildExploits0References2Affected Software1
Prion
Prion
added 2023/12/08 4:15 p.m.20 views

Command injection

An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QVR Firmwar...

6.5CVSS7.7AI score0.73277EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/08 4:6 p.m.261 views

CVE-2023-47565 Legacy VioStor NVR

An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QVR Firmwar...

8CVSS9AI score0.73277EPSS
Exploits0References1
CVE
CVE
added 2023/12/08 4:6 p.m.298 views

CVE-2023-47565

CVE-2023-47565 affects legacy QNAP VioStor NVRs prior to QVR Firmware 5.x, where an OS command injection (CWE-78) in QVR Firmware 4.x could let an authenticated user execute commands over the network. Affected component is the VioStor NVR’s QVR firmware (pre-5.x). The vulnerability’s root cause i...

8.8CVSS8.4AI score0.73277EPSS
In wildExploits0References2Affected Software1
exploitpack
exploitpack
added 2017/02/01 12:0 a.m.24 views

QNAP NVRNAS Devices - Buffer Overflow (PoC)

QNAP NVRNAS Devices - Buffer Overflow PoC Device Model: QNAP VioStor NVR, QNAP NAS, Fujitsu Celvin NAS May be additional re-branded Attack Vector: Remote Attack Models: 1. Classic Heap Overflows 2. Classic Stack Overflow 3. Heap Feng Shui Overflow 4. "Heack Combo" Heap / Stack Combination Overflo...

0.8AI score
Exploits0
NVD
NVD
added 2013/06/07 8:55 p.m.29 views

CVE-2013-0142

QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance Station Pro component in QNAP NAS, have a hardcoded guest account, which allows remote attackers to obtain web-server login access via unspecified vectors...

5CVSS6.8AI score0.01308EPSS
Exploits0References1
NVD
NVD
added 2013/06/07 8:55 p.m.15 views

CVE-2013-0144

Cross-site request forgery CSRF vulnerability in cgi-bin/createuser.cgi on QNAP VioStor NVR devices with firmware 4.0.3 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts via a NEW USER action...

6.8CVSS7.2AI score0.00619EPSS
Exploits0References1
Prion
Prion
added 2013/06/07 8:55 p.m.18 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in cgi-bin/createuser.cgi on QNAP VioStor NVR devices with firmware 4.0.3 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts via a NEW USER action...

6.8CVSS7.8AI score0.00619EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2013/06/07 8:55 p.m.2 views

CVE-2013-0143

cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Station Pro component in QNAP NAS, allows remote authenticated users to execute arbitrary commands by leveraging guest access and placing shell metacharacters in the query string...

6.5CVSS6AI score0.06965EPSS
Exploits0References2
CVE
CVE
added 2013/06/07 8:0 p.m.68 views

CVE-2013-0143

CVE-2013-0143 affects QNAP VioStor NVR devices (firmware 4.0.3 and possibly earlier) and the Surveillance Station Pro component in QNAP NAS. A remote authenticated user could trigger arbitrary command execution by supplying shell metacharacters in the query string to cgi-bin/pingping.cgi, leverag...

6.5CVSS7.6AI score0.06965EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2013/06/07 8:0 p.m.22 views

CVE-2013-0143

cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Station Pro component in QNAP NAS, allows remote authenticated users to execute arbitrary commands by leveraging guest access and placing shell metacharacters in the query string...

7.3AI score0.06965EPSS
Exploits0References1
Cvelist
Cvelist
added 2013/06/07 8:0 p.m.29 views

CVE-2013-0142

QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance Station Pro component in QNAP NAS, have a hardcoded guest account, which allows remote attackers to obtain web-server login access via unspecified vectors...

6.7AI score0.01308EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2013/06/07 12:0 a.m.40 views

QNAP VioStor NVR / QNAP NAS Devices Multiple Vulnerabilities (Jun 2013) - Active Check

QNAP VioStor NVR / QNAP NAS devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

6.8CVSS6.9AI score0.01308EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/06/07 12:0 a.m.22 views

QNAP VioStor NVR / QNAP NAS Devices RCE Vulnerability (Jun 2013) - Active Check

QNAP VioStor NVR / QNAP NAS devices are prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...

6.5CVSS7AI score0.06965EPSS
Exploits0References2
exploitpack
exploitpack
added 2013/06/05 12:0 a.m.14 views

QNAP VioStor NVR QNAP NAS - Remote Code Execution

QNAP VioStor NVR QNAP NAS - Remote Code Execution source: https://www.securityfocus.com/bid/60354/info QNAP VioStor NVR and QNAP NAS are prone to a remote code-execution vulnerability. Successfully exploiting this issue may allow an attacker to execute arbitrary code with elevated privileges in t...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2013/06/05 12:0 a.m.35 views

QNAP VioStor NVR / QNAP NAS - Remote Code Execution

source: https://www.securityfocus.com/bid/60354/info QNAP VioStor NVR and QNAP NAS are prone to a remote code-execution vulnerability. Successfully exploiting this issue may allow an attacker to execute arbitrary code with elevated privileges in the context of the user running the affected...

7.4AI score
Exploits0
CERT
CERT
added 2013/06/05 12:0 a.m.64 views

QNAP VioStor NVR firmware version 4.0.3 and QNAP NAS multiple vulnerabilities

Overview QNAP VioStor NVR firmware version 4.0.3 and possibly earlier versions and QNAP NAS contains multiple vulnerabilities which may allow an attacker to perform administrative functions against the hosted server. Description QNAP VioStor NVR firmware version 4.0.3 and possibly earlier version...

6.8CVSS7.7AI score0.06965EPSS
Exploits0References6
Rows per page
Query Builder