EUVD-2026-30041

A potential improper file path validation vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user to move or access files belonging to other users on the same device...

CVE-2026-6282

Technical details about CVE-2026-6282 (affected Lenovo devices, vulnerable components, impact, and fixes) are not provided in the available documents. Monitor Lenovo advisories and the CVE listing for updates.

CVE-2026-6282

A potential improper file path validation vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user to move or access files belonging to other users on the same device...

CVE-2026-6281

A potential vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user on the local network to execute arbitrary commands on the device...

Lenovo Personal Cloud Storage 路径遍历漏洞

Lenovo Personal Cloud Storage is a personal cloud storage service provided by Lenovo Corporation. Lenovo Personal Cloud Storage has a path traversal vulnerability, which stems from improper file path validation. This vulnerability could allow remote authenticated users to move or access files of...

EUVD-2021-29806

Malicious code in bioql PyPI...

EUVD-2024-31317

Malicious code in bioql PyPI...

EUVD-2021-29807

Malicious code in bioql PyPI...

CVE-2021-42852

A command injection vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an authenticated user to execute operating system commands by sending a crafted packet to the device...

CVE-2021-42850

A weak default administrator password for the web interface and serial port was reported in some Lenovo Personal Cloud Storage devices that could allow unauthorized device access to an attacker with physical or local network access...

CVE-2024-33580

A DLL hijack vulnerability was reported in Lenovo Personal Cloud that could allow a local attacker to execute code with elevated privileges...

CVE-2024-33580

A DLL hijack vulnerability was reported in Lenovo Personal Cloud that could allow a local attacker to execute code with elevated privileges...

CVE-2024-33580

A DLL hijack vulnerability was reported in Lenovo Personal Cloud that could allow a local attacker to execute code with elevated privileges...

CVE-2024-33580

CVE-2024-33580 describes a DLL hijack vulnerability in Lenovo Personal Cloud that could let a local attacker execute code with elevated privileges. Affected product: Lenovo Personal Cloud. Affected component: DLL loading path exploitation ( DLL hijack ). Root cause: DLL hijack leading to remote/l...

PT-2024-25349 · Lenovo · Lenovo Personal Cloud

Name of the Vulnerable Software and Affected Versions: Lenovo Personal Cloud affected versions not specified Description: A DLL hijack vulnerability was reported that could allow a local attacker to execute code with elevated privileges. The issue affects multiple versions of Lenovo products...

Default credentials

A weak default password for the serial port was reported in some Lenovo Personal Cloud Storage devices that could allow unauthorized device access to an attacker with physical access...