CVE-2013-10049 – Raidsonic NAS Command Injection Vulnerability

August 1, 2025

CVE ID : CVE-2013-10049

Published : Aug. 1, 2025, 9:15 p.m. | 2 hours, 19 minutes ago

Description : An OS command injection vulnerability exists in multiple Raidsonic NAS devices—specifically tested on IB-NAS5220 and IB-NAS4220—via the unauthenticated timeHandler.cgi endpoint exposed through the web interface. The CGI script fails to properly sanitize user-supplied input in the timeZone parameter of a POST request, allowing remote attackers to inject arbitrary shell commands.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2013-10050 – D-Link Router OS Command Injection Vulnerability

Next Article CVE-2013-10047 – MiniWeb HTTP Server Unrestricted File Upload and Privilege Escalation Vulnerability

Highlights

CVE-2025-6849 – Simple Forum Cross-Site Scripting (XSS) Vulnerability

June 29, 2025

CVE ID : CVE-2025-6849

Published : June 29, 2025, 7:15 a.m. | 3 hours, 20 minutes ago

Description : A vulnerability, which was classified as problematic, was found in code-projects Simple Forum 1.0. Affected is an unknown function of the file /forum_edit1.php. The manipulation of the argument text leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

8 Top AI Agent Development Companies Transforming Node.js Automation (2025–2026 Edition)

Representative Line: Reduced to a Union

Functional Personas With AI: A Lean, Practical Workflow

Vibe Coding vs React.js AI-Assisted Coding: A C-Suite Comparison (2025)

Distribution Release: Mauna Linux 25

Distribution Release: SparkyLinux 2025.09

Development Release: Fedora 43 Beta

Distribution Release: Murena 3.1.1

Shopping Portal using Python Django & MySQL

Shopping Portal using Python Django & MySQL

Perficient Earns Adobe’s Real-time CDP Specialization

What is Microsoft Copilot?

Distribution Release: Mauna Linux 25

Distribution Release: Mauna Linux 25

Distribution Release: SparkyLinux 2025.09

Development Release: Fedora 43 Beta

CVE-2013-10049 – Raidsonic NAS Command Injection Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

APPLE-SA-04-16-2025-4 visionOS 2.4.1

CVE-2025-49456 – Zoom Windows Installer Race Condition Vulnerability

CVE-2025-6170 – “Xmllint Command-Line Tool Buffer Overflow Vulnerability”

Microsoft says Windows 11 24H2 is the most reliable version yet

CVE-2025-6849 – Simple Forum Cross-Site Scripting (XSS) Vulnerability

Huawei MateBook X Pro 2024 (Linux Edition) Goes on Sale

159 CVEs Exploited in The Wild in Q1 2025, 8.3% of Vulnerabilities Exploited Within 1-Day

Swiss government warns attackers have stolen sensitive data, after ransomware attack at Radix

CVE-2013-10049 – Raidsonic NAS Command Injection Vulnerability

Related Posts