Search

Security ID : QSA-23-08

Vulnerability in QVR Pro Client

  • Release date : September 8, 2023

  • CVE identifier : CVE-2022-27599

  • Affected products: QVR Pro Client 2.3

Severity

Moderate

Status

Resolved

Summary

An insertion of sensitive information into log file vulnerability has been reported to affect QVR Pro Client. If exploited, the vulnerability could provide local authenticated administrators with a less-protected path to acquire information via unspecified vectors.

We have already fixed the vulnerability in the following version:

  • QVR Pro Client 2.3.0.0420 and later

Recommendation

To secure your device, we recommend regularly updating your system and applications to their latest versions to benefit from vulnerability fixes. 

Updating QVR Pro Client

To download the latest version of QVR Pro Client for your operating system, please visit https://www.qnap.com/en/utilities/surveillance/.

Attachment

Acknowledgements: Runzi Zhao, Security Researcher, QI-ANXIN

Revision History:
V1.0 (September 08, 2023) - Published

Choose specification

      Show more Less

      Choose Your Country or Region

      open menu
      back to top