CVE-2017-7630

MEDIUM

QNAP QTS <4.2.6-4.3.3 - Info Disclosure

Title source: llm
STIX 2.1

Description

QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier allows remote attackers to obtain potentially sensitive information (firmware version and running services) via a request to sysinfoReq.cgi.

References (1)

Core 1
Core References

Scores

CVSS v3 5.3
EPSS 0.0023
EPSS Percentile 45.7%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-200
Status published
Products (2)
qnap/qts 4.2.6
qnap/qts 4.3.3
Published Mar 27, 2018
Tracked Since Feb 18, 2026