CVE-2023-41290

Published Apr 26, 2024

Last updated 7 months ago

CVSS medium 4.1

Overview

Description: A path traversal vulnerability has been reported to affect QuFirewall. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: QuFirewall 2.4.1 ( 2024/02/01 ) and later
Source: security@qnapsecurity.com.tw
NVD status: Awaiting Analysis

Risk scores

CVSS 3.1

Type: Secondary
Base score: 4.1
Impact score: 1.4
Exploitability score: 2.3
Vector string: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N
Severity: MEDIUM

Weaknesses

security@qnapsecurity.com.tw: CWE-22

Hype score: Not currently trending

References