Qnap QTS Weak Password Recovery Mechanism for Forgotten Password (CVE-2017-7629)

QNAP QTS before 4.2.6 build 20170517 has a flaw in the change password function. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid502559;...

QNAP QTS Command Injection Vulnerability (NAS-201707-12)

QNAP QTS is prone to a command injection vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts"; ifdescription...

CVE-2017-7629

QNAP QTS before 4.2.6 build 20170517 has a flaw in the change password function...

CVE-2017-7629

CVE-2017-7629 affects QNAP QTS pre-4.2.6 build 20170517, due to a flaw in the change password function. The vulnerability’s impact is partial integrity loss (I:P) with no confidentiality/availability impact per CVSS data, and a network-accessible, low-complexity path without required authenticati...