CVE-2017-7639
First published: Tue Jun 05 2018(Updated: )
QNAP NAS application Proxy Server through version 1.2.0 does not authenticate requests properly. Successful exploitation can lead to change of the settings of Proxy Server.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Qnap Nas Proxy Server | <1.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for the QNAP NAS Proxy Server vulnerability?
The vulnerability ID for the QNAP NAS Proxy Server vulnerability is CVE-2017-7639.
What is the severity of the QNAP NAS Proxy Server vulnerability?
The severity of the QNAP NAS Proxy Server vulnerability is medium with a severity value of 5.3.
What does the QNAP NAS Proxy Server vulnerability allow?
The QNAP NAS Proxy Server vulnerability allows attackers to exploit the application's improper authentication and change the settings of the Proxy Server.
What is the affected software version range for the QNAP NAS Proxy Server vulnerability?
The affected software version range for the QNAP NAS Proxy Server vulnerability is up to, but excluding, version 1.3.0.
Where can I find more information about the QNAP NAS Proxy Server vulnerability?
You can find more information about the QNAP NAS Proxy Server vulnerability at the following references: [1] http://www.securitytracker.com/id/1041025 [2] https://www.qnap.com/en/security-advisory/nas-201806-01.
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/event
- agent/weakness
- agent/description
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/qnap
- canonical/qnap nas proxy server