<div align="center">

[![Profile Visitors](](

 #  ๐Ÿ‡ฎ๐Ÿ‡ฑ  **#BringThemHome #NeverAgainIsNow**   ๐Ÿ‡ฎ๐Ÿ‡ฑ

**We demand the safe return of all citizens who have been taken hostage by the terrorist group Hamas. We will not rest until every hostage is released and returns home safely. You can help bring them back home.**

# QNAP QTS CVE-2024-27130 PoC :lock:

This repository contains a proof-of-concept (PoC) script for exploiting CVE-2024-27130, a vulnerability affecting QNAP QTS. This vulnerability allows an attacker to execute arbitrary commands with root privileges. :warning:

## Description :mag_right:

The script exploits a vulnerability in QNAP QTS, enabling an attacker to execute arbitrary commands as root. It sends a specially crafted payload to the target QNAP device, triggering the vulnerability and granting the attacker root access. :computer:

For more information, refer to the [blog post]( by Watchtowr Labs. :bookmark:

## Usage :hammer_and_wrench:

To use the script, provide the IP address or domain name of the target QNAP device as well as the SSID (Share ID). The script will attempt to exploit the vulnerability and create a new user with root privileges. :rocket:

python3 <host> <ssid>