exploitDog

CVE-2021-38678

Опубликовано: 14 янв. 2022

Источник: nvd

CVSS3: 6.1

CVSS2: 5.8

EPSS Низкий

Описание

An open redirect vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows attackers to redirect users to an untrusted page that contains malware. We have already fixed this vulnerability in the following versions of QcalAgent: QcalAgent 1.1.7 and later

Ссылки

https://www.qnap.com/en/security-advisory/qsa-21-60
Vendor Advisory
https://www.qnap.com/en/security-advisory/qsa-21-60
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:qnap:qcalagent:*:*:*:*:*:*:*:*

Версия до 1.1.7 (исключая)

EPSS

Процентиль: 39%

0.00169

Низкий

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601

CWE-601

Связанные уязвимости

GHSA-5m7c-7cfg-9hj4

github

около 4 лет назад

An open redirect vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows attackers to redirect users to an untrusted page that contains malware. We have already fixed this vulnerability in the following versions of QcalAgent: QcalAgent 1.1.7 and later

EPSS

Процентиль: 39%

0.00169

Низкий

6.1 Medium

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-601

CWE-601