5 matches found
CVE-2024-50404
A link following vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations. We have already fixed the vulnerability in the following versions: Qsync Central...
Exploit for CVE-2024-50404
CVE-2024-50404 - https://www.qnap.com/en/security-advisory/qsa...
CVE-2024-50404
A link following vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations. We have already fixed the vulnerability in the following versions: Qsync Central...
CVE-2024-50404 Qsync Central
A link following vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations. We have already fixed the vulnerability in the following versions: Qsync Central...
CVE-2024-50404
CVE-2024-50404 affects Qsync Central. A symlink/ZIP upload flaw allows a user with upload privileges to traverse the file system and disclose or modify sensitive targets (e.g., /etc/passwd, /etc/shadow) by uploading a ZIP containing a symlink to a protected path. Affected versions are Qsync Centr...