The vulnerability have been reported to affect earlier versions of QTS. If exploited, this improper access control vulnerability could allow attackers to compromise the security of the software by gaining privileges, or reading sensitive information. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.3.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:LQnap Helpdesk
APPQnap< 3.0.3
CISA KEV — detailsi
- Vendori
- QNAP Systems
- Producti
- Helpdesk
- Added to KEVi
- March 25, 2022
- Remediation deadline (US Federal)i
- April 15, 2022(overdue)
Apply updates per vendor instructions.
QNAP Helpdesk contains an improper access control vulnerability which could allow an attacker to gain privileges or to read sensitive information.
Related vulnerabilities
The vulnerability have been reported to affect earlier versions of QTS. If exploited, this command injection v...
This improper access control vulnerability in Helpdesk allows attackers to get control of QNAP Kayako service....
Command injection vulnerability in Helpdesk versions 1.1.21 and earlier in QNAP QTS 4.2.6 build 20180531, QTS ...
An improper certificate validation vulnerability has been reported to affect Helpdesk. If exploited, the vulne...
An improper access control vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerabilit...