CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-6003

Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.034

EPSS Ranking 86.6%

CVSS Severity

CVSS v2 Score 9.3

References

http://www.kb.cert.org/vuls/id/751328
http://www.securitytracker.com/id/1033794
https://www.qnap.com/i/en/support/con_show.php?cid=85
http://www.kb.cert.org/vuls/id/751328
http://www.securitytracker.com/id/1033794
https://www.qnap.com/i/en/support/con_show.php?cid=85

Products affected by CVE-2015-6003

Qnap » Qts » Version: N/A

cpe:2.3:o:qnap:qts:-
Qnap » Qts » Version: 4.0

cpe:2.3:o:qnap:qts:4.0
Qnap » Qts » Version: 4.0.3

cpe:2.3:o:qnap:qts:4.0.3
Qnap » Qts » Version: 4.1.0

cpe:2.3:o:qnap:qts:4.1.0
Qnap » Qts » Version: 4.1.1

cpe:2.3:o:qnap:qts:4.1.1
Qnap » Qts » Version: 4.1.4

cpe:2.3:o:qnap:qts:4.1.4
Qnap » Qts » Version: 4.2.0

cpe:2.3:o:qnap:qts:4.2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-6003

Products

Pricing

Contact Us