Posted by Klaus Eisentraut (SySS GmbH) on Aug 05

Advisory ID: SYSS-2016-065

Product: NASdeluxe NDL-2400r

Vendor: Starline Computer GmbH

Affected Version(s): 2.01.10

Tested Version(s): 2.01.09

Vulnerability Type: OS Command Injection (CWE-78)

Risk Level: High

Solution Status: no fix (product has reached EOL since 3 years)

Vendor Notification: 2016-07-04

Public Disclosure: 2016-08-03

CVE Reference: Not assigned

Author of Advisory: Klaus Eisentraut, SySS GmbH,…