VYPR
Unrated severityNVD Advisory· Published Jun 11, 2021· Updated Sep 17, 2024

Inclusion of Sensitive Information in QSS

CVE-2021-28805

Description

Inclusion of sensitive information in the source code has been reported to affect certain QNAP switches running QSS. If exploited, this vulnerability allows attackers to read application data. This issue affects: QNAP Systems Inc. QSS versions prior to 1.0.3 build 20210505 on QSW-M2108-2C; versions prior to 1.0.3 build 20210505 on QSW-M2108-2S; versions prior to 1.0.3 build 20210505 on QSW-M2108R-2C; versions prior to 1.0.12 build 20210506 on QSW-M408.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • QNAP Systems Inc./QSSllm-create2 versions
    <1.0.3 build 20210505 on QSW-M2108-2C, <1.0.3 build 20210505 on QSW-M2108-2S, <1.0.3 build 20210505 on QSW-M2108R-2C, <1.0.12 build 20210506 on QSW-M408+ 1 more
    • (no CPE)range: <1.0.3 build 20210505 on QSW-M2108-2C, <1.0.3 build 20210505 on QSW-M2108-2S, <1.0.3 build 20210505 on QSW-M2108R-2C, <1.0.12 build 20210506 on QSW-M408
    • (no CPE)range: unspecified

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.