Описание
Command injection vulnerability in date of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands.
Command injection vulnerability in date of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-0709
- https://www.coresecurity.com/advisories/qnap-qcenter-virtual-appliance-multiple-vulnerabilities
- https://www.exploit-db.com/exploits/45015
- https://www.qnap.com/zh-tw/security-advisory/nas-201807-10
- https://www.securityfocus.com/archive/1/542141/100/0/threaded
- http://packetstormsecurity.com/files/148515/QNAP-Qcenter-Virtual-Appliance-1.6.x-Information-Disclosure-Command-Injection.html
- http://seclists.org/fulldisclosure/2018/Jul/45
Связанные уязвимости
CVSS3: 8.8
nvd
больше 7 лет назад
Command injection vulnerability in date of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands.