CVE-2013-10049 in IB-NAS5220informação

Sumário

de MITRE • 02/08/2025

An OS command injection vulnerability exists in multiple Raidsonic NAS devices—specifically tested on IB-NAS5220 and IB-NAS4220—via the unauthenticated timeHandler.cgi endpoint exposed through the web interface. The CGI script fails to properly sanitize user-supplied input in the timeZone parameter of a POST request, allowing remote attackers to inject arbitrary shell commands.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Responsável

VulnCheck

Reservar

01/08/2025

Divulgação

02/08/2025

Moderação

aceite

Entrada

VDB-318566

CPE

pronto

Exploração

Descarregar

EPSS

0.01968

KEV

não

Atividades

muito baixo

Fontes

Want to know what is going to be exploited?

We predict KEV entries!