module

Raidsonic NAS Devices Unauthenticated Remote Command Execution

Disclosed	Created
Feb 4, 2013	May 30, 2018

Disclosed

Feb 4, 2013

Created

May 30, 2018

Description

Different Raidsonic NAS devices are vulnerable to OS command injection via the web
interface. The vulnerability exists in timeHandler.cgi, which is accessible without
authentication. This module has been tested with the versions IB-NAS5220 and
IB-NAS4220. Since this module is adding a new user and modifying the inetd daemon
configuration, this module is set to ManualRanking and could cause target instability.

Authors

Michael Messner [email protected]
juan vazquez [email protected]

Platform

Unix

References

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':


    msf > use exploit/linux/http/raidsonic_nas_ib5220_exec_noauth
    msf exploit(raidsonic_nas_ib5220_exec_noauth) > show targets
        ...targets...
    msf exploit(raidsonic_nas_ib5220_exec_noauth) > set TARGET < target-id >
    msf exploit(raidsonic_nas_ib5220_exec_noauth) > show options
        ...show and set options...
    msf exploit(raidsonic_nas_ib5220_exec_noauth) > exploit

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today