Title:QNAP多款产品 命令注入漏洞 (CVE-2024-32766) Description:QNAP Systems QuTScloud等都是中国威联通科技(QNAP Systems)公司的产品。QNAP Systems QuTScloud是一种 QNAP NAS 操作系统的云端优化版本。QNAP Systems QTS是一个入门到中阶QNAP NAS 使用的操作系统。QNAP Systems QuTS hero是一个操作系统。 QNAP多款产品存在命令注入漏洞,该漏洞源于操作系统命令注入漏洞。以下产品及版本受到影响:QTS 5.1.3.2578 build 20231110,QTS 4.5.4
Description
writeup and PoC for CVE-2024-32766 (QNAP) OS command injection, chained attack for auth bypass.
File Snapshot
None
Shenlong Bot has cached this for you
Remarks
1. It is advised to access via the original source first.2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.