26 matches found
EUVD-2021-19377
Malware in sbrugna...
EUVD-2021-19375
Malware in sbrugna...
EUVD-2021-19378
Malware in sbrugna...
EUVD-2021-19376
Malware in sbrugna...
QSAN Multiple Products Trust Management Issues Vulnerabilities
QSAN SANOS and others are products of QSAN China.QSAN SANOS is a SAN storage management operating system.QSAN XEVO is a flash data management system.QSAN Storage Manager is a NAS operating system. A trust management issue vulnerability exists in several QSAN products, which can be exploited by a...
QSAN XEVO Path Traversal Vulnerability
QSAN XEVO is a flash data management system from QSAN China. Reduces repetitive tasks and provides complete data analysis. A path traversal vulnerability exists in QSAN XEVO, which stems from a failure of the product's back-end analysis function to filter input data for special characters. The...
QSAN XEVO Command Injection Vulnerability (CNVD-2021-48920)
QSAN XEVO is a flash data management system from QSAN China. Reduces repetitive tasks and provides complete data analysis. A command injection vulnerability exists in QSAN XEVO that stems from the product's Array function's status parameter not properly filtering input data for special characters...
QSAN XEVO Command Injection Vulnerability
QSAN XEVO is a flash data management system from QSAN China. Reduces repetitive tasks and provides complete data analysis. A command injection vulnerability exists in QSAN XEVO that stems from the product's INIT function not filtering special elements of user input data. An attacker could use thi...
CVE-2021-32532
Path traversal vulnerability in back-end analysis function in QSAN XEVO allows remote attackers to download arbitrary files without permissions. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0...
CVE-2021-32532
Path traversal vulnerability in back-end analysis function in QSAN XEVO allows remote attackers to download arbitrary files without permissions. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0...
CVE-2021-32530
OS command injection vulnerability in Array function in QSAN XEVO allows remote unauthenticated attackers to execute arbitrary commands via status parameter. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0...
CVE-2021-32531
OS command injection vulnerability in Init function in QSAN XEVO allows remote attackers to execute arbitrary commands without permissions. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0...
CVE-2021-32531
OS command injection vulnerability in Init function in QSAN XEVO allows remote attackers to execute arbitrary commands without permissions. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0...
CVE-2021-32530
OS command injection vulnerability in Array function in QSAN XEVO allows remote unauthenticated attackers to execute arbitrary commands via status parameter. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0...
Command injection
OS command injection vulnerability in Init function in QSAN XEVO allows remote attackers to execute arbitrary commands without permissions. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0...
Path traversal
Path traversal vulnerability in back-end analysis function in QSAN XEVO allows remote attackers to download arbitrary files without permissions. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0...
Command injection
Command injection vulnerability in QSAN XEVO, SANOS allows remote unauthenticated attackers to execute arbitrary commands. Suggest contacting with QSAN and refer to recommendations in QSAN Document...
CVE-2021-32532
CVE-2021-32532 affects QSAN XEVO, a flash data management system. The back-end analysis function suffers a path traversal vulnerability that could allow remote attackers to download arbitrary files without privileges. Several sources confirm this issue and its remediation: the vulnerability is ad...
CVE-2021-32532 QSAN XEVO - Path Traversal
Path traversal vulnerability in back-end analysis function in QSAN XEVO allows remote attackers to download arbitrary files without permissions. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0...
CVE-2021-32531 QSAN XEVO - Command Injection Following via Init function
OS command injection vulnerability in Init function in QSAN XEVO allows remote attackers to execute arbitrary commands without permissions. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0...