Giters

d0rb / CVE-2024-27130

This Python script is designed as a proof-of-concept (PoC) for the CVE-2024-27130 vulnerability in QNAP QTS

Repository from Github https://github.comd0rb/CVE-2024-27130Repository from Github https://github.comd0rb/CVE-2024-27130

Profile Visitors

๐Ÿ‡ฎ๐Ÿ‡ฑ #BringThemHome #NeverAgainIsNow ๐Ÿ‡ฎ๐Ÿ‡ฑ

We demand the safe return of all citizens who have been taken hostage by the terrorist group Hamas. We will not rest until every hostage is released and returns home safely. You can help bring them back home. https://stories.bringthemhomenow.net/

QNAP QTS CVE-2024-27130 PoC ๐Ÿ”’

This repository contains a proof-of-concept (PoC) script for exploiting CVE-2024-27130, a vulnerability affecting QNAP QTS. This vulnerability allows an attacker to execute arbitrary commands with root privileges. โš ๏ธ

Description ๐Ÿ”Ž

The script exploits a vulnerability in QNAP QTS, enabling an attacker to execute arbitrary commands as root. It sends a specially crafted payload to the target QNAP device, triggering the vulnerability and granting the attacker root access. ๐Ÿ’ป

For more information, refer to the blog post by Watchtowr Labs. ๐Ÿ”–

Usage ๐Ÿ› ๏ธ

To use the script, provide the IP address or domain name of the target QNAP device as well as the SSID (Share ID). The script will attempt to exploit the vulnerability and create a new user with root privileges. ๐Ÿš€

python3 checker.py <host> <ssid>

About

This Python script is designed as a proof-of-concept (PoC) for the CVE-2024-27130 vulnerability in QNAP QTS

Languages

Language:Python 100.0%