Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-27593 PoC — QNAP Systems Photo Station 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-27593.yaml
Associated Vulnerability
Title:QNAP Systems Photo Station 安全漏洞 (CVE-2022-27593)
Description:QNAP Systems Photo Station是中国威联通科技(QNAP Systems)公司的一个线上相册。用于整理 Qnap Nas 上的多媒体内容(相片和影片)。 QNAP Systems Photo Station 存在安全漏洞,攻击者利用该漏洞可以执行 DeadBolt 勒索软件活动,以下产品和版本受到影响:QTS 5.0.1:Photo Station 6.1.2 之前版本、QTS 5.0.0/4.5.x:Photo Station 6.0.22 之前版本、QTS 4.3.6:Photo
Description
QNAP QTS Photo Station External Reference is vulnerable to local file inclusion via an externally controlled reference to a resource vulnerability. If exploited, this could allow an attacker to modify system files. The vulnerability is fixed in the following versions: QTS 5.0.1: Photo Station 6.1.2 and later QTS 5.0.0/4.5.x: Photo Station 6.0.22 and later QTS 4.3.6: Photo Station 5.7.18 and later QTS 4.3.3: Photo Station 5.4.15 and later QTS 4.2.6: Photo Station 5.2.14 and later.
File Snapshot

 id: CVE-2022-27593

info:
  name: QNAP QTS Photo Station External Reference - Local File Inclusion
 

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.