安全ID : QSA-24-22
Vulnerability in QVR Smart Client
发布日期 : September 7, 2024
通用漏洞披露 : CVE-2022-27592
受影响产品: QVR Smart Client 2.4.x
严重程度
Moderate
状态
已解决
Summary
An unquoted search path or element vulnerability has been reported to affect QVR Smart Client. If exploited, the vulnerability could allow attackers to execute unauthorized code or commands.
We have already fixed the vulnerability in the following versions:
| Affected Product | Fixed Version |
| QVR Smart Client 2.4.x |
QVR Smart Client 2.4.0.0570 and later (for Windows 10 SP1, Windows 11, and macOS) |
Recommendation
To secure your device, we recommend regularly updating your QNAP utilities to the latest versions to benefit from vulnerability fixes. You can check the QNAP Utilities page to see the latest updates available to your device operating system.
附件
致谢: Runzi Zhao, Security Researcher, QI-ANXIN
修订历史:
V1.0 (September 07, 2024) - Published
