Skip to main content
CVE-2013-0143 MEDIUM POC This Month

cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Station Pro component in QNAP NAS, allows remote authenticated users to execute arbitrary commands by. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Qnap RCE Viostor Network Video Recorder Surveillance Station Pro +1
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
7.2%
CVE-2013-2852 MEDIUM POC This Month

Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain. Rated medium severity (CVSS 6.9). Public exploit code available and no vendor patch available.

Broadcom Linux Information Disclosure Linux Kernel Debian Linux +1
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
0.2%
CVE-2013-2146 MEDIUM POC PATCH This Month

arch/x86/kernel/cpu/perf_event_intel.c in the Linux kernel before 3.8.9, when the Performance Events Subsystem is enabled, specifies an incorrect bitmask, which allows local users to cause a denial. Rated medium severity (CVSS 4.7). Public exploit code available.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
4.7
EPSS
0.0%
CVE-2013-1929 MEDIUM POC PATCH This Month

Heap-based buffer overflow in the tg3_read_vpd function in drivers/net/ethernet/broadcom/tg3.c in the Linux kernel before 3.8.6 allows physically proximate attackers to cause a denial of service. Rated medium severity (CVSS 4.4). Public exploit code available.

Broadcom Denial Of Service Linux Buffer Overflow RCE +1
NVD GitHub
CVSS 2.0
4.4
EPSS
0.1%
CVE-2013-0144 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in cgi-bin/create_user.cgi on QNAP VioStor NVR devices with firmware 4.0.3 allows remote attackers to hijack the authentication of administrators for. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Qnap Viostor Network Video Recorder
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-2851 MEDIUM This Month

Format string vulnerability in the register_disk function in block/genhd.c in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and writing format string. Rated medium severity (CVSS 6.0). No vendor patch available.

Linux Information Disclosure Linux Kernel
NVD
CVSS 2.0
6.0
EPSS
0.0%
CVE-2013-2128 MEDIUM PATCH This Month

The tcp_read_sock function in net/ipv4/tcp.c in the Linux kernel before 2.6.34 does not properly manage skb consumption, which allows local users to cause a denial of service (system crash) via a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 3.1
5.5
EPSS
0.1%
CVE-2013-0142 MEDIUM This Month

QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance Station Pro component in QNAP NAS, have a hardcoded guest account, which allows remote attackers to obtain web-server login access. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap Authentication Bypass Viostor Network Video Recorder Surveillance Station Pro Nas
NVD
CVSS 2.0
5.0
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy