CVE-2017-7639

CWE-287Improper Authentication3 documents3 sources
Severity
5.3MEDIUM
EPSS
0.2%
top 59.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Qnap NAS Proxy Server
Timeline
PublishedJun 5
Latest updateMay 14

Description

QNAP NAS application Proxy Server through version 1.2.0 does not authenticate requests properly. Successful exploitation can lead to change of the settings of Proxy Server.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-r8w2-663p-rf6c: QNAP NAS application Proxy Server through version 12022-05-14
CVEList
CVE-2017-7639: QNAP NAS application Proxy Server through version 12018-06-05
CVE-2017-7639 (MEDIUM CVSS 5.3) | QNAP NAS application Proxy Server t | cvebase.io