CVE-2013-0143

cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Station Pro component in QNAP NAS, allows remote authenticated users to execute arbitrary commands by leveraging guest access and placing shell metacharacters in the query string.

CERT-VN: http://www.kb.cert.org/vuls/id/927644
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0143

published: 7. 6. 2013

12 years

256 countries

767k users

5110k calculations

CCTV Calculator

CCTV Calculator for Android

CVE-2013-0143