Описание
qBittorrent before 5.0.1 proceeds with use of https URLs even after certificate validation errors.
A flaw was found in qBittorrent's DownloadManager component. This vulnerability allows remote code execution via improper validation of SSL/TLS certificates, enabling attackers to perform man-in-the-middle and RCE attacks.
Отчет
No Red Hat products are affected by this vulnerability.
Дополнительная информация
Статус:
Critical
Дефект:
CWE-295
https://bugzilla.redhat.com/show_bug.cgi?id=2323332qBittorrent: RCE Vulnerability in qBittorrent Due to Improper SSL/TLS Certificate Validation
8.1 High
CVSS3
Связанные уязвимости
CVSS3: 8.1
ubuntu
около 1 года назад
qBittorrent before 5.0.1 proceeds with use of https URLs even after certificate validation errors.
CVSS3: 8.1
nvd
около 1 года назад
qBittorrent before 5.0.1 proceeds with use of https URLs even after certificate validation errors.
CVSS3: 8.1
debian
около 1 года назад
qBittorrent before 5.0.1 proceeds with use of https URLs even after ce ...
8.1 High
CVSS3