CVE-2013-0143

QNAP VioStor NVR 4.0.3 and Surveillance Station Pro - Authenticated Remote Code Execution via pingping.cgi Query String

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-0143. PoCs published by Tim Herres.

AI-analyzed exploit summary: This exploit demonstrates a command injection vulnerability in QNAP VioStor NVR and QNAP NAS devices. The vulnerability allows remote code execution by injecting arbitrary commands via the 'ping_ip' parameter in the 'pingping.cgi' script.

Description

cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Station Pro component in QNAP NAS, allows remote authenticated users to execute arbitrary commands by leveraging guest access and placing shell metacharacters in the query string.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Tim Herres · text · webapps · cgi
https://www.exploit-db.com/exploits/38550

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: QNAP VioStor NVR running firmware 4.0.3, QNAP NAS
No auth needed
Prerequisites: Network access to the target device · The 'pingping.cgi' script must be accessible
devstral-2 · analyzed Feb 16, 2026

References (1)

Core References
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/927644

Scores

EPSS 0.0697
EPSS Percentile 93.3%

Details

CWE: CWE-94
Status: published
Products (4):
qnap/nas
qnap/surveillance_station_pro
qnap/viostor_network_video_recorder 4.0.3
qnap/viostor_network_video_recorder
Published: Jun 07, 2013
Tracked Since: Feb 18, 2026