PT-2014-2955 · Qnap · Qnap Photo Station

Publicado

2014-06-09

Atualizado

2017-08-29

CVE-2013-5760

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions QNAP Photo Station versions prior to 4.0.3 build0912

Description The issue allows remote attackers to list OS user accounts via a request to "photo/p/api/list.php".

Recommendations For versions prior to 4.0.3 build0912, update to firmware 4.0.3 build0912 or later to resolve the issue.

Exploit

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2013-5760

Qnap Photo Station