Think you have a false positive on this rule?

Sid 1-46300


SERVER-WEBAPP QNAP VioStor NVR and QNAP NAS command injection attempt


This event is generated when a command injection is attempted on pingping.cgi for a QNAP device


Web Application Attack


CVSS base score 6.5

CVSS impact score 6.4

CVSS exploitability score 8.0

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Detailed information

CVE-2013-0143: cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Station Pro component in QNAP NAS, allows remote authenticated users to execute arbitrary commands by leveraging guest access and placing shell metacharacters in the query string.

Affected systems

  • qnap surveillancestationpro -
  • qnap nas -
  • qnap viostornetworkvideo_recorder -
  • qnap viostornetworkvideo_recorder 4.0.3

Ease of attack


Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

False positives

False negatives

Corrective action


  • Cisco's Talos Intelligence Group

Additional References