CVE-2013-0142

QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance Station Pro component in QNAP NAS, have a hardcoded guest account, which allows remote attackers to obtain web-server login access via unspecified vectors.
References
Link Resource
http://www.kb.cert.org/vuls/id/927644 US Government Resource
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:qnap:viostor_network_video_recorder:4.0.3:*:*:*:*:*:*:*
cpe:2.3:h:qnap:viostor_network_video_recorder:-:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:qnap:surveillance_station_pro:-:*:*:*:*:*:*:*
cpe:2.3:h:qnap:nas:-:*:*:*:*:*:*:*

Information

Published : 2013-06-07 13:55

Updated : 2013-06-09 21:00


NVD link : CVE-2013-0142

Mitre link : CVE-2013-0142


JSON object : View

CWE
CWE-255

Credentials Management Errors

Advertisement

dedicated server usa

Products Affected

qnap

  • surveillance_station_pro
  • nas
  • viostor_network_video_recorder