module
QNAP QTS and Photo Station Local File Inclusion
| Disclosed |
|---|
| 2019-11-25 |
Disclosed
2019-11-25
Description
This module exploits a local file inclusion in QNAP QTS and Photo
Station that allows an unauthenticated attacker to download files from
the QNAP filesystem.
Because the HTTP server runs as root, it is possible to access
sensitive files, such as SSH private keys and password hashes.
This module has been tested on QTS 4.3.3 (unknown Photo Station
version) and QTS 4.3.6 with Photo Station 5.7.9.
Station that allows an unauthenticated attacker to download files from
the QNAP filesystem.
Because the HTTP server runs as root, it is possible to access
sensitive files, such as SSH private keys and password hashes.
This module has been tested on QTS 4.3.3 (unknown Photo Station
version) and QTS 4.3.6 with Photo Station 5.7.9.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.