CVE Daily

CVE-2020-2504

If exploited, this absolute path traversal vulnerability could allow attackers t...

Medium CVSS 5.8

Overview

If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.

CWE: CWE-20 Published: 2020-12-24T02:15:12.657
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 5.8 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags