Search

Security ID : QSA-23-08

Vulnerability in QVR Pro Client

  • Release date : September 8, 2023

  • CVE identifier : CVE-2022-27599

  • Affected products: QVR Pro Client 2.3

Severity

Moderate

Status

Resolved

Summary

An insertion of sensitive information into log file vulnerability has been reported to affect QVR Pro Client. If exploited, the vulnerability could provide local authenticated administrators with a less-protected path to acquire information via unspecified vectors.

We have already fixed the vulnerability in the following version:

  • QVR Pro Client 2.3.0.0420 and later

Recommendation

To secure your device, we recommend regularly updating your system and applications to their latest versions to benefit from vulnerability fixes. 

Updating QVR Pro Client

To download the latest version of QVR Pro Client for your operating system, please visit https://www.qnap.com/en/utilities/surveillance/.

Attachment

Acknowledgements: Runzi Zhao, Security Researcher, QI-ANXIN

Revision History:
V1.0 (September 08, 2023) - Published

選擇規格

      顯示更多 隱藏更多

      選擇其他偏好的語言:

      open menu
      back to top