Full title: QNAP Transcode Server Command Execution Exploit 
Category: remote exploits
Platform: hardware
This Metasploit module exploits an unauthenticated remote command injection vulnerability in QNAP NAS devices. The transcoding server listens on port 9251 by default and is vulnerable to command injection using the 'rmfile' command. This Metasploit module was tested successfully on a QNAP TS-431 with firmware version 4.3.3.0262 (20170727).

# 0day.today @ http://0day.today/