Vulnerability Details : CVE-2018-0707
Public exploit exists!
Command injection vulnerability in change password of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands.
Exploit prediction scoring system (EPSS) score for CVE-2018-0707
Probability of exploitation activity in the next 30 days: 6.67%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 94 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2018-0707
-
QNAP Q'Center change_passwd Command Execution
Disclosure Date: 2018-07-11First seen: 2020-04-26exploit/linux/http/qnap_qcenter_change_passwd_execThis module exploits a command injection vulnerability in the `change_passwd` API method within the web interface of QNAP Q'Center virtual appliance versions prior to 1.7.1083. The vulnerability allows the 'admin' privileged user account to execute arbitrary
CVSS scores for CVE-2018-0707
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
9.0
|
HIGH | AV:N/AC:L/Au:S/C:C/I:C/A:C |
8.0
|
10.0
|
NIST |
7.2
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
1.2
|
5.9
|
NIST |
CWE ids for CVE-2018-0707
-
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-0707
-
http://packetstormsecurity.com/files/148515/QNAP-Qcenter-Virtual-Appliance-1.6.x-Information-Disclosure-Command-Injection.html
QNAP Qcenter Virtual Appliance 1.6.x Information Disclosure / Command Injection ≈ Packet StormExploit;Third Party Advisory;VDB Entry
-
https://www.coresecurity.com/advisories/qnap-qcenter-virtual-appliance-multiple-vulnerabilities
QNAP Qcenter Virtual Appliance Multiple Vulnerabilities | Core SecurityExploit;Third Party Advisory
-
http://seclists.org/fulldisclosure/2018/Jul/45
Full Disclosure: [CORE-2018-0006] - QNAP Qcenter Virtual Appliance Multiple VulnerabilitiesExploit;Mailing List;Third Party Advisory
-
https://www.qnap.com/zh-tw/security-advisory/nas-201807-10
Security Advisory for Vulnerabilities in Q’center Virtual Appliance - Technical Advisory | QNAPVendor Advisory
-
https://www.exploit-db.com/exploits/45043/
QNAP Q'Center - 'change_passwd' Command Execution (Metasploit)Third Party Advisory;VDB Entry
-
https://www.exploit-db.com/exploits/45015/
QNAP Qcenter Virtual Appliance - Multiple VulnerabilitiesExploit;Third Party Advisory;VDB Entry
-
https://www.securityfocus.com/archive/1/542141/100/0/threaded
SecurityFocusExploit;Third Party Advisory;VDB Entry
Products affected by CVE-2018-0707
- cpe:2.3:a:qnap:q\'center:*:*:*:*:*:*:*:*