Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
QTS, QuTS hero
Vulnerability Description
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later
CVSS Information
N/A
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
QNAP QTS和QNAP QuTS hero 路径遍历漏洞
Vulnerability Description
QNAP QTS和QNAP QuTS hero都是中国台湾威联通科技(QNAP)公司的一个具有数据存储与管理功能的软件。 QNAP QTS 5.2.5.3145版本之前版本和QNAP QuTS hero h5.2.5.3138版本之前版本存在路径遍历漏洞,该漏洞源于容易受到路径遍历攻击,可能导致读取意外文件或系统数据。
CVSS Information
N/A
Vulnerability Type
N/A