SSD Advisory – QNAP Pre-Auth CGI_Find_Parameter RCE
TL;DR Find out how a memory corruption vulnerability can lead to a pre-auth remote code execution on QNAP QTS’s Surveillance Station plugin. Vulnerability Summary QNAP NAS with “Surveillance Station Local Display function can perform monitoring and playback by using an HDMI display to deliver live Full HD (1920×1080) video monitoring”. Insecure use of user supplied …
SSD Advisory – QNAP Pre-Auth CGI_Find_Parameter RCE Read More »
