CVE-2023-45038 PoC — QNAP Systems Music Station 授权问题漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-45038.yaml

Associated Vulnerability

Title:QNAP Systems Music Station 授权问题漏洞 (CVE-2023-45038)
Description:QNAP Systems Music Station是中国威联通科技（QNAP Systems）公司的一款音乐播放和管理应用程序。 QNAP Systems Music Station 5.4.0版本及之前版本存在授权问题漏洞，该漏洞源于包含一个不正确的身份验证漏洞。攻击者利用该漏洞可以通过网络危害系统的安全。

Description

An improper authentication vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following version: Music Station 5.4.0 and later

File Snapshot


 id: CVE-2023-45038

info:
  name: QNAP Music Station < 5.4.0 - Authentication Bypass
  author: daffa

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!