Search

Security ID : QSA-24-17

Multiple Vulnerabilities in QuFirewall

  • Release date : April 25, 2024

  • CVE identifier : CVE-2023-41290 | CVE-2023-41291

  • Affected products: QuFirewall 2.4.x

Severity

Moderate

Status

Resolved

Summary

Two path traversal vulnerabilities have been reported to affect QuFirewall. If exploited, the vulnerabilities could allow remote attackers to read sensitive data.

  

We have already fixed the vulnerabilities in the following version:

Affected Product Fixed Version
QuFirewall 2.4.x QuFirewall 2.4.1 (2024/02/01) and later

Recommendation

To fix the vulnerabilities, we recommend updating QuFirewall to the latest version.

Updating QuFirewall

  1. Log on to QTS or QuTS hero as an administrator.
  2. Open App Center and then click .
    A search box appears.
  3. Type "QuFirewall" and then press ENTER.
    QuFirewall appears in the search results.
  4. Click Update.
    A confirmation message appears.
    Note: The Update button is not available if your QuFirewall is already up to date.
  5. Click OK.
    The application is updated.

  

Attachment

Acknowledgements: lebr0nli (Alan Li), working with DEVCORE Internship Program

Revision History:
V1.0 (April 27, 2024) - Published

Choose specification

      Show more Less

      Choose Your Country or Region

      back to top