Inclusion of sensitive information in the source code has been reported to affect certain QNAP switches running QSS. If exploited, this vulnerability allows attackers to read application data. This issue affects: QNAP Systems Inc. QSS versions prior to 1.0.3 build 20210505 on QSW-M2108-2C; versions prior to 1.0.3 build 20210505 on QSW-M2108-2S; versions prior to 1.0.3 build 20210505 on QSW-M2108R-2C; versions prior to 1.0.12 build 20210506 on QSW-M408.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HQnap Qss
APPQnap< 1.0.3< 1.0.12Qnap Qsw M2108 2c
HWQnapwszystkie wersjeQnap Qsw M2108 2s
HWQnapwszystkie wersjeQnap Qsw M2108r 2c
HWQnapwszystkie wersjeQnap Qsw M408
HWQnapwszystkie wersje
Related vulnerabilities
An out-of-bounds read vulnerability has been reported to affect certain QNAP switches running QSS. If exploite...
An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Ph...
An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync...
A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerabil...
If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. QNA...