安全ID : QSA-24-17
Multiple Vulnerabilities in QuFirewall
发布日期 : April 25, 2024
通用漏洞披露 : CVE-2023-41290 | CVE-2023-41291
受影响产品: QuFirewall 2.4.x
严重程度
Moderate
状态
已解决
Summary
Two path traversal vulnerabilities have been reported to affect QuFirewall. If exploited, the vulnerabilities could allow remote attackers to read sensitive data.
We have already fixed the vulnerabilities in the following version:
| Affected Product | Fixed Version |
| QuFirewall 2.4.x | QuFirewall 2.4.1 (2024/02/01) and later |
Recommendation
To fix the vulnerabilities, we recommend updating QuFirewall to the latest version.
Updating QuFirewall
- Log on to QTS or QuTS hero as an administrator.
- Open App Center and then click
.
A search box appears. - Type "QuFirewall" and then press ENTER.
QuFirewall appears in the search results. - Click Update.
A confirmation message appears.
Note: The Update button is not available if your QuFirewall is already up to date. - Click OK.
The application is updated.
附件
致谢: lebr0nli (Alan Li), working with DEVCORE Internship Program
修订历史:
V1.0 (April 27, 2024) - Published
