Skip to main content

Viostor Network Video Recorder

3 CVEs product

Monthly

CVE-2013-0144 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in cgi-bin/create_user.cgi on QNAP VioStor NVR devices with firmware 4.0.3 allows remote attackers to hijack the authentication of administrators for. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Qnap Viostor Network Video Recorder
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-0143 MEDIUM POC This Month

cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Station Pro component in QNAP NAS, allows remote authenticated users to execute arbitrary commands by. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Qnap RCE Viostor Network Video Recorder Surveillance Station Pro +1
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
7.2%
CVE-2013-0142 MEDIUM This Month

QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance Station Pro component in QNAP NAS, have a hardcoded guest account, which allows remote attackers to obtain web-server login access. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap Authentication Bypass Viostor Network Video Recorder Surveillance Station Pro Nas
NVD
CVSS 2.0
5.0
EPSS
0.4%
EPSS 0% CVSS 6.8
MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in cgi-bin/create_user.cgi on QNAP VioStor NVR devices with firmware 4.0.3 allows remote attackers to hijack the authentication of administrators for. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Qnap Viostor Network Video Recorder
NVD
EPSS 7% CVSS 6.5
MEDIUM POC This Month

cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Station Pro component in QNAP NAS, allows remote authenticated users to execute arbitrary commands by. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Qnap RCE +3
NVD Exploit-DB
EPSS 0% CVSS 5.0
MEDIUM This Month

QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance Station Pro component in QNAP NAS, have a hardcoded guest account, which allows remote attackers to obtain web-server login access. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap Authentication Bypass Viostor Network Video Recorder +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy