PT-2017-12910 · Qnap · Qnap Video Station+1
李衍龙
+1
·
Publicado
2017-11-22
·
Atualizado
2017-12-12
·
CVE-2017-13071
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
QNAP Video Station versions prior to 5.1.3 (for QTS 4.3.3) and 5.2.0 (for QTS 4.3.4)
Description
This issue allows a remote attacker to run arbitrary commands.
Recommendations
For QNAP Video Station version 5.1.3 (for QTS 4.3.3) and later, no action is required as the issue has been patched.
For QNAP Video Station versions prior to 5.1.3 (for QTS 4.3.3) and 5.2.0 (for QTS 4.3.4), update to the latest version to resolve the issue.
Correção
Command Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Qnap Video Station
Qts