Search

安全ID : QSA-21-48

Reflected XSS Vulnerability in Ragic Cloud DB

  • 发布日期 : November 19, 2021

  • 通用漏洞披露 : CVE-2021-38681

  • 受影响产品: QNAP NAS running Ragic Cloud DB

严重程度

Moderate

Summary

A reflected cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Ragic Cloud DB. If exploited, this vulnerability allows remote attackers to inject malicious code.

We have already disabled and removed Ragic Cloud DB from the QNAP App Center, pending a security patch from Ragic.

Recommendation

To secure your device, we recommend uninstalling Ragic Cloud DB until a security patch is available.

Uninstalling Ragic Cloud DB

  1. Log on to QTS or QuTS hero as administrator.
  2. Open the App Center.
  3. Locate Ragic Cloud DB, and then click .
  4. Select Remove.
    A confirmation message appears.
  5. Click OK.
    QTS or QuTS hero uninstalls the application.

修订历史: V1.0 (November 19, 2021) - Published

选择规格

      显示更多 隐藏更多
      open menu
      back to top