CVE-2019-7183 โ€” Link Following in Qnap QTS

CWE-59 โ€” Link Following3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
1.2%
top 20.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Qnap QTS
Timeline
PublishedDec 5
Latest updateMay 24

Description

This improper link resolution vulnerability allows remote attackers to access system files. To fix this vulnerability, QNAP recommend updating QTS to their latest versions.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

โ–ถNVDqnap/qts25 versions+24

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-7wcc-2hfr-r5m7: This improper link resolution vulnerability allows remote attackers to access system filesโ†—2022-05-24
โ–ถ
CVEList
CVE-2019-7183: This improper link resolution vulnerability allows remote attackers to access system filesโ†—2019-12-05
โ–ถ
CVE-2019-7183 โ€” Link Following in Qnap QTS | cvebase