[] NeoSense
E X P L O I T S
title author type platform port cve id

QNAP VioStor NVR / QNAP NAS - Remote Code Execution

Author: Tim Herres
type: webapps
platform: cgi
port: 
date_added: 2013-06-05 
date_updated: 2015-10-28 
verified: 1 
codes: CVE-2013-0143;OSVDB-93977 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/60354/info

QNAP VioStor NVR and QNAP NAS are prone to a remote code-execution vulnerability.

Successfully exploiting this issue may allow an attacker to execute arbitrary code with elevated privileges in the context of the user running the affected application.

The following are vulnerable:

QNAP VioStor NVR running firmware 4.0.3.
QNAP NAS

http://www.example.com/cgi-bin/pingping.cgi?ping_ip=1;whoami
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.