/CVE-2019-7192_QNAP_Exploit

QNAP pre-auth root RCE Exploit (CVE-2019-7192 ~ CVE-2019-7195)

Primary LanguagePython

QNAP Pre-Auth Root RCE (CVE-2019-7192 ~ CVE-2019-7195) Exploit

for now, you can read system files (/etc/shadow, ssh private key, etc.)

Usage:

pip install -r requirements.txt # or just pip install requests
python3 gundy.py https://vulnerable_url:port

Sample Output

Exploit-poc

Vulnerability

The vulnerabilities can be chained as a pre-auth root RCE, visit the following links for more details: