Описание
Command injection vulnerability in SSH of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands.
Command injection vulnerability in SSH of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-0710
- https://www.coresecurity.com/advisories/qnap-qcenter-virtual-appliance-multiple-vulnerabilities
- https://www.exploit-db.com/exploits/45015
- https://www.qnap.com/zh-tw/security-advisory/nas-201807-10
- https://www.securityfocus.com/archive/1/542141/100/0/threaded
- http://packetstormsecurity.com/files/148515/QNAP-Qcenter-Virtual-Appliance-1.6.x-Information-Disclosure-Command-Injection.html
- http://seclists.org/fulldisclosure/2018/Jul/45
Связанные уязвимости
CVSS3: 8.8
nvd
больше 7 лет назад
Command injection vulnerability in SSH of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands.