Full title: QNAP Web Server Remote Code Execution via Bash Environment Variable Code Injection Exploit 
Category: remote exploits
Platform: hardware
This Metasploit module allows you to inject unix command with the same user who runs the http service - admin - directly on the QNAP system. Affected products: All Turbo NAS models except TS-100, TS-101, TS-200

# 0day.today @ http://0day.today/