WiseGiga NAS 취약점 소식

WiseGiga NAS 취약점 소식 보안업데이트 권고를 드립니다.

Vulnerabilities summary

The following advisory describes five (5) vulnerabilities and default accounts / passwords found in WiseGiga NAS devices.

WiseGiga is a Korean company selling NAS products.

The vulnerabilities found in WiseGiga NAS are:

Pre-Authentication Local File Inclusion (4 different vulnerabilities)

Post-Authentication Local File Inclusion

Remote Command Execution as root

Remote Command Execution as root with CSRF

Info Leak

Default accounts

해당 분석 보고서 

https://blogs.securiteam.com/index.php/archives/3402