Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
QTS, QuTS hero
Vulnerability Description
A link following vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to traverse the file system to unintended locations. We have already fixed the vulnerability in the following versions: QTS 5.2.8.3350 build 20251216 and later QuTS hero h5.3.2.3354 build 20251225 and later QuTS hero h5.2.8.3350 build 20251216 and later
CVSS Information
N/A
Vulnerability Type
在文件访问前对链接解析不恰当(链接跟随)
Vulnerability Title
QNAP Systems QTS和QNAP Systems QuTS hero 后置链接漏洞
Vulnerability Description
QNAP Systems QTS和QNAP Systems QuTS hero都是中国台湾威联通科技(QNAP Systems)公司的一个具有数据存储与管理功能的软件。 QNAP Systems QTS 5.2.8.3350之前版本和QNAP Systems QuTS hero h5.3.2.3354之前版本、h5.2.8.3350之前版本存在后置链接漏洞,该漏洞源于存在链接跟随漏洞,可能导致远程攻击者遍历文件系统。
CVSS Information
N/A
Vulnerability Type
N/A