CVE-2021-44054 Open redirect

🗓️ 05 May 2022 16:50:24Reported by qnapType

Open redirect vulnerability in QNAP devices fixed in latest version

Reporter	Title	Published	Views	Family All 13
BDU FSTEC	The vulnerability of the QuTS operating system, specifically the QTS operating system, is related to the use of open redirection. This allows attackers to compromise the confidentiality and integrity of information.	8 Jul 202200:00	–	bdu_fstec
CNNVD	QNAP多款产品输入验证错误漏洞	5 May 202200:00	–	cnnvd
CVE	CVE-2021-44054	5 May 202216:50	–	cve
EUVD	EUVD-2021-30913	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in QNAP QTS, QuTS hero and QuTScloud	6 May 202200:00	–	ncsc
NVD	CVE-2021-44054	5 May 202217:15	–	nvd
OpenVAS	QNAP QTS Multiple Vulnerabilities (QSA-22-16)	6 May 202200:00	–	openvas
OpenVAS	QNAP QuTS hero Multiple Vulnerabilities (QSA-22-16)	30 May 202200:00	–	openvas
OpenVAS	QNAP QuTScloud Multiple Vulnerabilities (QSA-22-16)	30 May 202200:00	–	openvas
Prion	Open redirect	5 May 202217:15	–	prion

[
  {
    "product": "QuTScloud",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "c5.0.1.1949",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "QuTS hero",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "h5.0.0.1949 build 20220215",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "h4.5.4.1951 build 20220218",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "5.0.0.1986 build 20220324",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "4.5.4.1991 build 20220329",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
qnap	www.qnap.com/en/security-advisory/qsa-22-16

05 May 2022 16:50Current

7.5High risk

Vulners AI Score7.5

CVSS 3.14.3

EPSS0.00532

CWE-601