RaidSonic IB-NAS5220 and IB-NAS4220-B Multiple Security Vulnerabilities

RaidSonic IB-NAS5220 and IB-NAS422-B are prone to multiple security vulnerabilities, including:

1. An authentication-bypass vulnerability
2. An HTML-injection vulnerability
3. A command-injection vulnerability

The attacker may leverage these issues to bypass certain security restrictions and perform unauthorized actions or execute HTML and script code in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, or inject and execute arbitrary commands.


 

Privacy Statement
Copyright 2010, SecurityFocus