Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The ZSPACE Q2C NAS contains a vulnerability related to incorrect symbolic link following. Attackers can format a USB drive to ext4, create a symbolic link to its root directory, insert the drive into the NAS device's slot, and then access the USB drive's directory mounted on the NAS using the Samba protocol. This allows them to obtain all files within the NAS system and tamper with those files.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ZSPACE Q2C NAS 安全漏洞
Vulnerability Description
ZSPACE Q2C NAS是中国极空间(ZSPACE)公司的一个私有云设备。 ZSPACE Q2C NAS存在安全漏洞,该漏洞源于符号链接跟随不正确,可能导致攻击者获取NAS系统内的所有文件并篡改这些文件。
CVSS Information
N/A
Vulnerability Type
N/A