An insecure library loading vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local attackers who have gained user access to execute unauthorized code or commands.
We have already fixed the vulnerability in the following versions:
QVPN Windows 2.0.0.1316 and later
QVPN Windows 2.0.0.1310 and later
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.qnap.com/en/security-advisory/qsa-23-04 |
History
Fri, 20 Dec 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 19 Dec 2024 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An insecure library loading vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local attackers who have gained user access to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: QVPN Windows 2.0.0.1316 and later QVPN Windows 2.0.0.1310 and later | |
Title | QVPN Device Client | |
Weaknesses | CWE-427 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: qnap
Published: 2024-12-19T01:39:46.448Z
Updated: 2024-12-20T17:41:46.284Z
Reserved: 2022-03-21T22:02:33.326Z
Link: CVE-2022-27595
Vulnrichment
Updated: 2024-12-20T16:59:40.577Z
NVD
Status : Received
Published: 2024-12-19T02:15:21.300
Modified: 2024-12-19T02:15:21.300
Link: CVE-2022-27595
Redhat
No data.