Security Fix for Surveillance Station Pro v3.0

Silas Mariusz

rm -rf /
Help us, GOD!
5 Kwiecień 2008
10 167
31
2 243
153
39
Nowy Sącz
forum.qnap.net.pl
QNAP
TS-x77
Ethernet
1 GbE
Security Advisory

[What is affected]
Surveillance Station Pro v3.0 from QTS 4.0 could allow guest user with "ping" permission.
CWE-284: Improper Access Control CVE-2013-0142
CWE-77: Improper Neutralization of Special Elements used in a Command CVE-2013-0143

[How to fix]
Please go to App Center and upgrade Surveillance Station Pro to v3.0.1 or higher for the security fix.

SSPro3.0.1.jpg