7 matches found
Qnap QTS Link Following (CVE-2021-44052)
An improper link resolution before file access 'Link Following' vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero, and QTS. If exploited, this vulnerability allows remote attackers to traverse the file system to unintended locations and read or overwrite the...
QNAP QuTScloud Multiple Vulnerabilities (QSA-22-16)
QNAP QuTScloud is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qutscloud"; ifdescripti...
QNAP QuTS hero Multiple Vulnerabilities (QSA-22-16)
QNAP QuTS hero is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qutshero"; ifdescriptio...
QNAP Releases Firmware Patches for 9 New Flaws Affecting NAS Devices
QNAP, Taiwanese maker of network-attached storage NAS devices, on Friday released security updates to patch nine security weaknesses, including a critical issue that could be exploited to take over an affected system. "A vulnerability has been reported to affect QNAP VS Series NVR running QVR,"...
CVE-2021-44052
An improper link resolution before file access 'Link Following' vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero, and QTS. If exploited, this vulnerability allows remote attackers to traverse the file system to unintended locations and read or overwrite the...
CVE-2021-44052 Arbitrary file read
An improper link resolution before file access 'Link Following' vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero, and QTS. If exploited, this vulnerability allows remote attackers to traverse the file system to unintended locations and read or overwrite the...
CVE-2021-44052
CVE-2021-44052 affects QNAP devices running QuTScloud, QuTS hero, and QTS. It is an improper link resolution before file access ("link following") vulnerability that could allow remote attackers to traverse the file system and read or overwrite files in unintended locations. Affected components a...