PT-2022-10749 · Qnap · Qnap Qcalagent
Tony Martin
·
Published
2022-01-14
·
Updated
2022-01-19
·
CVE-2021-38678
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
QNAP QcalAgent versions prior to 1.1.7
Description
An open redirect issue has been reported, allowing attackers to redirect users to untrusted pages containing malware.
Recommendations
For QNAP QcalAgent versions prior to 1.1.7, update to QcalAgent 1.1.7 or later to resolve the issue.
Fix
Open Redirect
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Qnap Qcalagent