A path traversal vulnerability has been reported to affect QuFirewall. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network.
We have already fixed the vulnerability in the following version:
QuFirewall 2.4.1 ( 2024/02/01 ) and later
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.qnap.com/en/security-advisory/qsa-24-17 |
History
Mon, 12 Aug 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | ||
Vendors & Products |
Qnap Systems Inc
Qnap Systems Inc qufirewall |
|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: qnap
Published: 2024-04-26T15:01:35.472Z
Updated: 2024-08-12T19:33:32.522Z
Reserved: 2023-08-28T09:45:52.367Z
Link: CVE-2023-41290
Vulnrichment
Updated: 2024-08-02T18:54:05.042Z
NVD
Status : Awaiting Analysis
Published: 2024-04-26T15:15:46.473
Modified: 2024-04-26T15:32:22.523
Link: CVE-2023-41290
Redhat
No data.