Tags archives: execution

 

 

 

 

 

 

 

 

 

 

0

QNAP Transcode Server Command Execution

This Metasploit module exploits an unauthenticated remote command injection vulnerability in QNAP NAS devices. The transcoding server listens on port 9251 by default and is vulnerable to command injection using the ‘rmfile’ command. This Metasploit module was tested successfully on a QNAP TS-431 with firmware version 4.3.3.0262 (20170727). Source: QNAP Transcode Server Command Execution

The post QNAP Transcode Server Command Execution appeared first on MondoUnix.