Hardcoded Credential Vulnerability in QNAP VioStor NVR
CVE-2013-0142

Currently unrated

Key Information:

Vendor: Qnap
Status: Viostor Network Video Recorder; Viostor Network Video Recorder
Vendor: CVE Published:; 7 June 2013

Summary

The QNAP VioStor NVR devices incorporate a hardcoded guest account, presenting a risk where remote attackers can exploit this vulnerability to gain unauthorized access to the web-server login. Such access can be achieved through various unspecified attack vectors, compromising the security of the surveillance system and potentially leading to unauthorized data exposure.

References

http://www.kb.cert.org/vuls/id/927644

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 7, 2013