ID CVE-2018-0706
Summary Exposure of Private Information in QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to access sensitive information.
References
Vulnerable Configurations
  • cpe:2.3:a:qnap:q%27center:1.7.1063
CVSS
Base: 4.0
Impact:
Exploitability:
CWE CWE-255
CAPEC
exploit-db via4
  • description QNAP Q'Center - change_passwd Command Execution (Metasploit). CVE-2018-0706,CVE-2018-0707. Remote exploit for Linux platform. Tags: Metasploit Framework (MSF...
    file exploits/linux/remote/45043.rb
    id EDB-ID:45043
    last seen 2018-07-17
    modified 2018-07-17
    platform linux
    port 443
    published 2018-07-17
    reporter Exploit-DB
    source https://www.exploit-db.com/download/45043/
    title QNAP Q'Center - change_passwd Command Execution (Metasploit)
    type remote
  • description QNAP Qcenter Virtual Appliance - Multiple Vulnerabilities. CVE-2018-0706,CVE-2018-0707,CVE-2018-0708,CVE-2018-0709,CVE-2018-0710. Webapps exploit for Hardwar...
    file exploits/hardware/webapps/45015.txt
    id EDB-ID:45015
    last seen 2018-07-13
    modified 2018-07-13
    platform hardware
    port 443
    published 2018-07-13
    reporter Exploit-DB
    source https://www.exploit-db.com/download/45015/
    title QNAP Qcenter Virtual Appliance - Multiple Vulnerabilities
    type webapps
metasploit via4
description This module exploits a command injection vulnerability in the `change_passwd` API method within the web interface of QNAP Q'Center virtual appliance versions prior to 1.7.1083. The vulnerability allows the 'admin' privileged user account to execute arbitrary commands as the 'admin' operating system user. Valid credentials for the 'admin' user account are required; however, this module also exploits a separate password disclosure issue which allows any authenticated user to view the password set for the 'admin' user during first install. This module has been tested successfully on QNAP Q'Center appliance version 1.6.1075.
id MSF:EXPLOIT/LINUX/HTTP/QNAP_QCENTER_CHANGE_PASSWD_EXEC
last seen 2019-03-13
modified 2019-01-10
published 2018-07-12
reliability Excellent
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/qnap_qcenter_change_passwd_exec.rb
title QNAP Q'Center change_passwd Command Execution
packetstorm via4
refmap via4
bugtraq 20180711 [CORE-2018-0006] - QNAP Qcenter Virtual Appliance Multiple Vulnerabilities
confirm https://www.qnap.com/zh-tw/security-advisory/nas-201807-10
fulldisc 20180711 [CORE-2018-0006] - QNAP Qcenter Virtual Appliance Multiple Vulnerabilities
misc
Last major update 16-07-2018 - 21:29
Published 16-07-2018 - 21:29
Last modified 12-09-2018 - 16:01