This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.
A web application on the remote host is protected using default
The NAS4Free web interface on the remote host has the 'admin' user
account secured with the default password. A remote, unauthenticated
attacker could exploit this to gain administrative access to the web
interface, which could allow arbitrary command execution via exec.php.
See also :
Secure the 'admin' user account with a strong password.
Risk factor :
Critical / CVSS Base Score : 10.0
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now