An unquoted search path or element vulnerability has been reported to affect QVR Smart Client. If exploited, the vulnerability could allow local authenticated administrators to execute unauthorized code or commands via unspecified vectors. We have already fixed the vulnerability in the following version: Windows 10 SP1, Windows 11, Mac OS, and Mac M1: QVR Smart Client 2.4.0.0570 and later
History

Fri, 06 Sep 2024 18:30:00 +0000

Type Values Removed Values Added
First Time appeared Qnap
Qnap qvr Smart Client
CPEs cpe:2.3:a:qnap:qvr_smart_client:*:*:*:*:*:*:*:*
Vendors & Products Qnap
Qnap qvr Smart Client
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 06 Sep 2024 16:45:00 +0000

Type Values Removed Values Added
Description An unquoted search path or element vulnerability has been reported to affect QVR Smart Client. If exploited, the vulnerability could allow local authenticated administrators to execute unauthorized code or commands via unspecified vectors. We have already fixed the vulnerability in the following version: Windows 10 SP1, Windows 11, Mac OS, and Mac M1: QVR Smart Client 2.4.0.0570 and later
Title QVR Smart Client
Weaknesses CWE-428
References
Metrics cvssV3_1

{'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: qnap

Published: 2024-09-06T16:26:41.790Z

Updated: 2024-09-06T17:49:51.271Z

Reserved: 2022-03-21T22:02:33.325Z

Link: CVE-2022-27592

cve-icon Vulnrichment

Updated: 2024-09-06T17:49:44.600Z

cve-icon NVD

Status : Analyzed

Published: 2024-09-06T17:15:11.173

Modified: 2024-09-24T16:44:35.460

Link: CVE-2022-27592

cve-icon Redhat

No data.