Unrated severityNVD Advisory· Published Jun 7, 2013· Updated Jun 16, 2026
CVE-2013-0143
CVE-2013-0143
Description
cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Station Pro component in QNAP NAS, allows remote authenticated users to execute arbitrary commands by leveraging guest access and placing shell metacharacters in the query string.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:qnap:surveillance_station_pro:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:qnap:surveillance_station_pro:-:*:*:*:*:*:*:*
- (no CPE)
cpe:2.3:h:qnap:viostor_network_video_recorder:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:h:qnap:viostor_network_video_recorder:-:*:*:*:*:*:*:*
- cpe:2.3:o:qnap:viostor_network_video_recorder:4.0.3:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
1- www.kb.cert.org/vuls/id/927644nvdUS Government Resource
News mentions
0No linked articles in our index yet.