CVE-2013-0142

Name of the Vulnerable Software and Affected Versions QNAP VioStor NVR devices version 4.0.3 QNAP NAS with Surveillance Station Pro component (affected versions not specified)

Description The issue concerns a hardcoded guest account in the affected devices, allowing remote attackers to gain web-server login access.

Recommendations For QNAP VioStor NVR devices version 4.0.3, consider changing the default guest account credentials as a temporary workaround. For QNAP NAS with Surveillance Station Pro component, restrict access to the Surveillance Station Pro component until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.