漏洞类别:Local
漏洞等级: 
漏洞信息
Qsync is a cloud-based file synchronization service empowered by QNAP NAS. Simply add files to your local Qsync folder, and they will be available on your NAS and all its connected devices.
One DLL Hijacking vulnerability was recently found in QTS, which may lead to remote code execution
Affected version:
Qsync client version prior to 4.2.3.0915
QID Detection Logic
This checks for vulnerable version of Qsync client .
漏洞危害
Successful exploitation could allow an remote attacker to execute arbitrary code on the Windows machine.
解决方案
Customers are advised to upgrade to the latet version of the software. Refer to the following link for further details: NAS-201712-08
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论