{"id":11471,"date":"2013-10-24T10:04:48","date_gmt":"2013-10-24T15:04:48","guid":{"rendered":"http:\/\/bucktownbell.com\/?p=11471"},"modified":"2013-10-23T16:32:17","modified_gmt":"2013-10-23T21:32:17","slug":"critical-netgear-readynas-frontview-security-vulnerability","status":"publish","type":"post","link":"http:\/\/bucktownbell.com\/?p=11471","title":{"rendered":"Critical NETGEAR ReadyNAS Frontview security vulnerability"},"content":{"rendered":"<blockquote><p>Frontview is the ReadyNAS web management interface; the vulnerability allows command injection and fails to validate or sanitize user input and can be triggered without authentication, Young said.<\/p>\n<p>\u201cThe consequence is that an unauthenticated HTTP request can inject arbitrary Perl code to run on the server,\u201d Young wrote on the Tripwire blog. \u201cNaturally, this includes the ability to execute commands on the ReadyNAS embedded Linux in the context of the Apache web server.\u201d<\/p><\/blockquote>\n<p>via <a href=\"https:\/\/threatpost.com\/netgear-readynas-storage-vulnerable-to-serious-command-injection-flaw\/102657\">Critical NETGEAR ReadyNAS Frontview security vulnerability | Threatpost | The First Stop For Security News<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Frontview is the ReadyNAS web management interface; the vulnerability allows command injection and fails to validate or sanitize user input and can be triggered without authentication, Young said. \u201cThe consequence is that an unauthenticated HTTP request can inject arbitrary Perl &hellip; <a href=\"http:\/\/bucktownbell.com\/?p=11471\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[110],"tags":[1125,60,80,698],"class_list":["post-11471","post","type-post","status-publish","format-standard","hentry","category-networking","tag-exploit-vector","tag-management-systems","tag-nas","tag-security-research"],"_links":{"self":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/11471","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=11471"}],"version-history":[{"count":1,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/11471\/revisions"}],"predecessor-version":[{"id":11472,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/11471\/revisions\/11472"}],"wp:attachment":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=11471"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=11471"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=11471"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}