From dc4173acac445851c1a302459eb0280b9d67ec0a Mon Sep 17 00:00:00 2001 From: Goby <50955360+gobysec@users.noreply.github.com> Date: Tue, 4 Apr 2023 18:51:55 +0800 Subject: [PATCH] Update GobyVuls-Document.md --- GobyVuls-Document.md | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/GobyVuls-Document.md b/GobyVuls-Document.md index 141c302..fd1b4cd 100644 --- a/GobyVuls-Document.md +++ b/GobyVuls-Document.md @@ -1,7 +1,20 @@ # Goby History Update Vulnerability Total Document (Continuously Update) The following content is an updated vulnerability from Goby. Some of the vulnerabilities are recorded on the screen for easy viewing. -**Updated document date: April 01, 2023** +**Updated document date: April 04, 2023** + +## QNAP-NAS authLogin.cgi app_token RCE Vulnerability (CVE-2022-27596) + +| **Vulnerability** | **QNAP-NAS authLogin.cgi app_token RCE Vulnerability (CVE-2022-27596)** | +| :----: | :-----| +| **Chinese name** | QNAP-NAS authLogin.cgi 文件 app_token 参数代码执行漏洞(CVE-2022-27596) | +| **CVSS core** | 9.0 | +| **FOFA Query** (click to view the results directly)| [(((header="http server" \&\& body="redirect_suffix") \|\| body="/css/qnap-default.css" \|\| body="/redirect.html?count=\\\"+Math.random()" \|\| body="/indexnas.cgi?counter=") && body!="Server: couchdb") \|\| (body="qnap_hyperlink" && body="QNAP Systems, Inc.\ All Rights Reserved.")](https://fofa.info/result?qbase64=KCgoaGVhZGVyPSJodHRwIHNlcnZlciIgJiYgYm9keT0icmVkaXJlY3Rfc3VmZml4IikgfHwgYm9keT0iL2Nzcy9xbmFwLWRlZmF1bHQuY3NzIiB8fCBib2R5PSIvcmVkaXJlY3QuaHRtbD9jb3VudD1cXFwiK01hdGgucmFuZG9tKCkiIHx8IGJvZHk9Ii9pbmRleG5hcy5jZ2k%2FY291bnRlcj0iKSAmJiBib2R5IT0iU2VydmVyOiBjb3VjaGRiIikgfHwgKGJvZHk9InFuYXBfaHlwZXJsaW5rIiAmJiBib2R5PSJRTkFQIFN5c3RlbXMsIEluYy48L2EgPiBBbGwgUmlnaHRzIFJlc2VydmVkLiIp) | +| **Number of assets affected** | 2262781 | +| **Description** | QNAP Systems QTS is an operating system used by China's QNAP Systems for entry-level to mid-level QNAP NAS. There is a security vulnerability in QNAP Systems QTS. The vulnerability stems from the fact that devices running QuTS hero and QTS allow remote attackers to inject malicious code into the app_token parameter field to obtain server permissions. | +| **Impact** | There is a security vulnerability in QNAP Systems QTS. The vulnerability stems from the fact that devices running QuTS hero and QTS allow remote attackers to inject malicious code into the app_token parameter field to obtain server permissions. | + +![](https://s3.bmp.ovh/imgs/2023/04/04/5bfa9b242ae05f6c.gif) ## Zyxel Authentication Bypass Vulnerability (CVE-2022-0342)