Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Open Redirect Vulnerability in QcalAgent
Vulnerability Description
An open redirect vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows attackers to redirect users to an untrusted page that contains malware. We have already fixed this vulnerability in the following versions of QcalAgent: QcalAgent 1.1.7 and later
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
指向未可信站点的URL重定向(开放重定向)
Vulnerability Title
Qnap QcalAgent 输入验证错误漏洞
Vulnerability Description
Qnap QcalAgent是中国威联通科技(Qnap)公司的一个时间管理中心。用于管理个人行程,与他人共用日历,分享彼此的排程。 QNAP QcalAgent 中存在输入验证错误漏洞,该漏洞源于未对用户输入数据进行适当处理。远程攻击者可利用该漏洞可以创建指向可信网站的链接,并将受害者重定向到任意域。
CVSS Information
N/A
Vulnerability Type
N/A