Full Disclosure

QNAP QTS multiple RCE vulnerabilities (CVE-2017-6361, CVE-2017-6360, CVE-2017-6359)

April 6, 2017 007admin Leave a comment

Posted by Harry Sintonen on Apr 06

QNAP QTS multiple RCE vulnerabilities
=====================================
The latest version of this advisory is available at:
https://sintonen.fi/advisories/qnap-qts-multiple-rce-vulnerabilities.txt

Overview
——–

QNAP QTS firmware contains multiple Command Injection (CWE-77)
vulnerabilities that can be exploited to gain remote command execution
on the devices.

Description
———–

QNAP QTS web user interface CGI binaries include…

Leave a Reply Cancel reply

You must be logged in to post a comment.

Software and Security Information