CVE-2013-10049 in IB-NAS5220信息

摘要

由 MITRE • 2025-08-02

An OS command injection vulnerability exists in multiple Raidsonic NAS devices—specifically tested on IB-NAS5220 and IB-NAS4220—via the unauthenticated timeHandler.cgi endpoint exposed through the web interface. The CGI script fails to properly sanitize user-supplied input in the timeZone parameter of a POST request, allowing remote attackers to inject arbitrary shell commands.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

来源

Want to stay up to date on a daily basis?

Enable the mail alert feature now!