← Back

CVE-2013-6276

nvd nist
Published: Aug 9, 2021Modified: Nov 21, 2024

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

QNAP F_VioCard 2312 and F_VioGate 2308 have hardcoded entries in authorized_keys files. NOTE: 1. All active models are not affected. The last affected model was EOL since 2010. 2. The legacy authorization mechanism is no longer adopted in all active models

Affected (6)

Qnap
5 products
Viocard 30 Firmware
Viocard 100 Firmware
Viocard 300 Firmware
Viogate 340a Firmware
Viogate 340 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Viocard 30 Firmware
Version 2312_2.1.0
Running on/withPlatform Versions
Qnap
Viocard 30
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Viocard 100 Firmware
All versions
Running on/withPlatform Versions
Qnap
Viocard 100
All versions
Configuration C
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Qnap
Viocard 300 Firmware
Version rc_b3722
Viocard 300 Firmware
Version rs_b4631
Running on/withPlatform Versions
Qnap
Viocard 300
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Viogate 340a Firmware
All versions
Running on/withPlatform Versions
Qnap
Viogate 340a
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Viogate 340 Firmware
Version 2308_2.1.0
Running on/withPlatform Versions
Qnap
Viogate 340
All versions

Related CWEs

CWE-798
Use of Hard-coded Credentials
The product contains hard-coded credentials, such as a password or cryptographic key.

References (4)

Source: cve@mitre.org
ExploitThird Party Advisory
Source: cve@mitre.org
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory

Timeline

No history available yet.