SecurityTracker.com

SecurityTracker Archives
Category:   Device (Storage)  >   QNAP Storage Devices
Vendors:   QNAP Systems
QNAP Proxy Server Multiple Bugs Let Remote Users Conduct Cross-Site Scripting and Cross-Site Request Forgery Attacks, Modify the Configuration, and Execute Arbitrary Commands
SecurityTracker Alert ID:  1041025
SecurityTracker URL:  http://securitytracker.com/id/1041025
CVE Reference:   CVE-2017-7635, CVE-2017-7636, CVE-2017-7637, CVE-2017-7639
Date:  Jun 1 2018
Impact:   Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of system information, Modification of user information, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): Proxy Server 1.2.0 and before
Description:   Several vulnerabilities were reported in QNAP Proxy Server. A remote user can modify the configuration. A remote user can conduct cross-site request forgery and cross-site scripting attacks. A remote user can execute arbitrary commands on the target system.

A remote user can create a specially crafted HTML page or URL that, when loaded by the target authenticated user, will take actions on the target interface acting as the target user [CVE-2017-7635].

A remote user can send specially crafted data to execute arbitrary operating system commands on the target system [CVE-2017-7637].

The interface does not properly filter HTML code from user-supplied input before displaying the input [CVE-2017-7636]. A remote user can cause arbitrary scripting code to be executed by the target user's browser. The code will originate from the QNAP Storage Devices interface and will run in the security context of that site. As a result, the code will be able to access the target user's cookies (including authentication cookies), if any, associated with the site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

A remote user can exploit an authentication flaw to modify the Proxy Server settings [CVE-2017-7639].
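The advisory attributes the four CVEs to a missing or ineffective authentication check, a missing CSRF defence, unescaped reflection of user input, and user-supplied data reaching OS commands. The following hypothetical Python handler is an added example, not QNAP's code and not the vendor's fix, showing how a settings-update endpoint would apply those four controls. The session store, the Request/Response classes, the config dictionary and the "port" setting are all constructed for the example.

```python
import html
import hmac
import re
import secrets
from dataclasses import dataclass

# Constructed in-memory session store: session id -> {"user": ..., "csrf": ...}
SESSIONS = {}

# Only a bare decimal port number is accepted before the value can reach
# configuration files or any command line (defence against command injection).
PORT_RE = re.compile(r"[0-9]{1,5}")


def create_session(username):
    """Issue a session id and a per-session CSRF token (assumed login flow)."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {"user": username, "csrf": secrets.token_urlsafe(32)}
    return sid


@dataclass
class Request:
    method: str
    cookies: dict
    form: dict


@dataclass
class Response:
    status: int
    body: str


def update_proxy_settings(req, config):
    """Hypothetical handler for a 'change proxy port' form submission."""
    # 1. Authentication: configuration changes need a valid session.
    sess = SESSIONS.get(req.cookies.get("sid", ""))
    if sess is None:
        return Response(401, "<p>Authentication required</p>")

    # 2. CSRF: a state change must be a POST carrying the per-session token,
    #    compared in constant time (both sides encoded so non-ASCII input
    #    cannot raise TypeError instead of being rejected).
    supplied = req.form.get("csrf_token", "").encode("utf-8")
    expected = sess["csrf"].encode("utf-8")
    if req.method != "POST" or not hmac.compare_digest(supplied, expected):
        return Response(403, "<p>Invalid CSRF token</p>")

    # 3. Strict input validation: anything but a port number is rejected,
    #    so the value can never carry shell metacharacters downstream.
    port_raw = req.form.get("port", "")
    if not PORT_RE.fullmatch(port_raw) or not 1 <= int(port_raw) <= 65535:
        # 4. Output encoding: the rejected value is reflected, so escape it
        #    before it is embedded in HTML.
        return Response(400, f"<p>Invalid port: {html.escape(port_raw)}</p>")

    config["port"] = int(port_raw)
    return Response(200, f"<p>Proxy port set to {config['port']}</p>")
```

In a real deployment the session cookie would also need the usual attributes (HttpOnly, Secure, SameSite) and the validated integer would be passed to any helper process as a separate argv element rather than interpolated into a shell string; the handler above stops at validation so that it runs stand-alone.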

Tony Martin reported these vulnerabilities.

Impact:   A remote user can modify the configuration.

A remote user can take actions on the target system acting as the target authenticated user.

A remote user can execute arbitrary commands on the target system.

A remote user can access the target user's cookies (including authentication cookies), if any, associated with the QNAP Storage Devices interface, access data recently submitted by the target user via web form to the interface, or take actions on the interface acting as the target user.

Solution:   The vendor has issued a fix (Proxy Server 1.2.1 [for x31 and x31U models], 1.3.0).

The vendor advisory is available at:

https://www.qnap.com/en/security-advisory/nas-201806-01

Vendor URL:  www.qnap.com/en/security-advisory/nas-201806-01
Cause:   Access control error, Authentication error, Input validation error

Message History:   None.

Source Message Contents

[Original Message Not Available for Viewing]