Skip to content
/ cve-2019-7192-check Public

Checker for QNAP pre-auth root RCE (CVE-2019-7192 ~ CVE-2019-7195)

License

Apache-2.0 license
13 stars 6 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

cycraft-corp/cve-2019-7192-check

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
Checker_for_QNAP_RCE_cve20197192_95.py
Checker_for_QNAP_RCE_cve20197192_95.py
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

QNAP Pre-Auth Root RCE (CVE-2019-7192 ~ CVE-2019-7195) Checker

Usage:

pip install requests
./Checker_for_QNAP_RCE_cve20197192_95.py /path/to/ip-port.txt

Example file input:

1.2.3.4 8080
2.3.4.5 443

This tool takes a list of QNAP NASes' IPs and ports, and it tells if each device is vulnerable to the following vulnerabilities:

  • CVE-2019–7192 (CVSS 9.8)
  • CVE-2019–7193 (CVSS 9.8)
  • CVE-2019–7194 (CVSS 9.8)
  • CVE-2019–7195 (CVSS 9.8)

Vulnerability

The vulnerabilities can be chained as a pre-auth root RCE, visit the following links for more details:

Credit

The vulnerabilities were discovered by Henry Huang from CyCarrier CSIRT, and he is also the author of this tool.

About

Checker for QNAP pre-auth root RCE (CVE-2019-7192 ~ CVE-2019-7195)

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

13 stars

Watchers

1 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

Languages