Summary
RaidSonic IB-NAS5220 and IB-NAS422-B are prone to multiple security vulnerabilities.
Impact
The attacker may leverage these issues to bypass certain security restrictions and perform unauthorized actions or execute HTML and script code in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, or inject and execute arbitrary commands.
Solution
Ask the vendor for an update.
Insight
The remote NAS is prone to:
1. An authentication-bypass vulnerability
2. An HTML-injection vulnerability
3. A command-injection vulnerability
Affected
It seems that not only RaidSonic IB-NAS5220 and IB-NAS422-B are prone to these vulnerabilities. We've seen devices from Toshiba, Sarotech, Verbatim and others where it was also possible to execute commands using the same exploit. It looks like these devices are using the same firmware.
Detection
Try to execute the 'sleep' command on the device with a specially crafted POST request.
Updated on 2015-03-25