42 matches found
EUVD-2021-19375
Malware in sbrugna...
EUVD-2021-19376
Malware in sbrugna...
EUVD-2021-19377
Malware in sbrugna...
EUVD-2021-19378
Malware in sbrugna...
Access Control Error Vulnerability in Multiple QSAN Products
QSAN SANOS is a SAN storage management operating system. QSAN XEVO is a flash data management system. QSAN Storage Manager is a NAS operating system. several QSAN products are vulnerable to an access control error that could be exploited by remote attackers to discover user credentials and gain...
QSAN XEVO Command Injection Vulnerability (CNVD-2021-48920)
QSAN XEVO is a flash data management system from QSAN China. Reduces repetitive tasks and provides complete data analysis. A command injection vulnerability exists in QSAN XEVO that stems from the product's Array function's status parameter not properly filtering input data for special characters...
QSAN XEVO Command Injection Vulnerability
QSAN XEVO is a flash data management system from QSAN China. Reduces repetitive tasks and provides complete data analysis. A command injection vulnerability exists in QSAN XEVO that stems from the product's INIT function not filtering special elements of user input data. An attacker could use thi...
QSAN Multiple Products Trust Management Issues Vulnerabilities
QSAN SANOS and others are products of QSAN China.QSAN SANOS is a SAN storage management operating system.QSAN XEVO is a flash data management system.QSAN Storage Manager is a NAS operating system. A trust management issue vulnerability exists in several QSAN products, which can be exploited by a...
QSAN XEVO Path Traversal Vulnerability
QSAN XEVO is a flash data management system from QSAN China. Reduces repetitive tasks and provides complete data analysis. A path traversal vulnerability exists in QSAN XEVO, which stems from a failure of the product's back-end analysis function to filter input data for special characters. The...
QSAN SANOS and QSAN XEVO Command Injection Vulnerability
QSAN SANOS and QSAN XEVO are both products of QSAN China. QSAN SANOS is a SAN storage management operating system. It comes with a refreshingly easy-to-use Web GUI and can be easily deployed to any infrastructure.QSAN XEVO is a flash data management system. It reduces repetitive tasks and provide...
CVE-2021-32531
OS command injection vulnerability in Init function in QSAN XEVO allows remote attackers to execute arbitrary commands without permissions. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0...
CVE-2021-32530
OS command injection vulnerability in Array function in QSAN XEVO allows remote unauthenticated attackers to execute arbitrary commands via status parameter. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0...
CVE-2021-32521
Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local attackers to escalate privileges. Suggest contacting with QSAN and refer to recommendations in QSAN Document...
CVE-2021-32521
Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local attackers to escalate privileges. Suggest contacting with QSAN and refer to recommendations in QSAN Document...
CVE-2021-32532
Path traversal vulnerability in back-end analysis function in QSAN XEVO allows remote attackers to download arbitrary files without permissions. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0...
CVE-2021-32529
Command injection vulnerability in QSAN XEVO, SANOS allows remote unauthenticated attackers to execute arbitrary commands. Suggest contacting with QSAN and refer to recommendations in QSAN Document...
CVE-2021-32530
OS command injection vulnerability in Array function in QSAN XEVO allows remote unauthenticated attackers to execute arbitrary commands via status parameter. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0...
CVE-2021-32531
OS command injection vulnerability in Init function in QSAN XEVO allows remote attackers to execute arbitrary commands without permissions. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0...
CVE-2021-32532
Path traversal vulnerability in back-end analysis function in QSAN XEVO allows remote attackers to download arbitrary files without permissions. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0...
CVE-2021-32529
Command injection vulnerability in QSAN XEVO, SANOS allows remote unauthenticated attackers to execute arbitrary commands. Suggest contacting with QSAN and refer to recommendations in QSAN Document...