Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
QuFirewall
Vulnerability Description
A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QuFirewall 2.3.3 ( 2023/03/27 ) and later and later
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
QNAP Systems QuFirewall 命令注入漏洞
Vulnerability Description
QNAP Systems QuFirewall是中国威联通科技(QNAP Systems)公司的一个 QNAP 设备的内置防火墙应用程序。 QNAP Systems QuFirewall 2.3版本存在命令注入漏洞,该漏洞源于允许已获得管理员访问权限的远程攻击者执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A