{"vuid":"VU#487078","idnumber":"487078","name":"QNAP QTS path traversal vulnerability","keywords":["QNAP","QTS","path traversal","CVE-2013-7174"],"overview":"QNAP QTS 4.0.3 and possibly earlier versions contain a path traversal vulnerability.","clean_desc":"CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') - CVE-2013-7174 QNAP QTS is a Network-Attached Storage (NAS) system accessible via a web interface. QNAP QTS 4.0.3 and possibly earlier versions contain a path traversal vulnerability via the cgi-bin/jc.cgi CGI script. The script accepts an \"f\" parameter which takes an unrestricted file path as input.","impact":"A remote unauthenticated attacker could obtain sensitive information.","resolution":"Apply an Update QNAP advises users to upgrade to QTS version 4.1.0. In addition, the following workaround is available:","workarounds":"Restrict Access Enable firewall rules to restrict access to port 80/tcp from external untrusted sources.","sysaffected":"","thanks":"Thanks to the reporter that wishes to remain anonymous.","author":"This document was written by Todd Lewellen.","public":["http://www.qnap.com/event/qts_4.0_v2/","http://www.qnap.com/v3/en/product_x_down/"],"cveids":["CVE-2013-7174"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2013-10-14T19:33:19Z","publicdate":"2014-01-08T00:00:00Z","datefirstpublished":"2014-01-08T16:45:22Z","dateupdated":"2014-01-08T16:46:16Z","revision":16,"vrda_d1_directreport":"1","vrda_d1_population":"2","vrda_d1_impact":"3","cam_widelyknown":"0","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"0","cam_impact":"0","cam_easeofexploitation":"0","cam_attackeraccessrequired":"0","cam_scorecurrent":"0","cam_scorecurrentwidelyknown":"0","cam_scorecurrentwidelyknownexploited":"0","ipprotocol":"","cvss_accessvector":"N","cvss_accesscomplexity":"L","cvss_authentication":null,"cvss_confidentialityimpact":"C","cvss_integrityimpact":"N","cvss_availabilityimpact":"N","cvss_exploitablity":null,"cvss_remediationlevel":"OF","cvss_reportconfidence":"C","cvss_collateraldamagepotential":"L","cvss_targetdistribution":"L","cvss_securityrequirementscr":"ND","cvss_securityrequirementsir":"ND","cvss_securityrequirementsar":"ND","cvss_basescore":"7.8","cvss_basevector":"AV:N/AC:L/Au:N/C:C/I:N/A:N","cvss_temporalscore":"6.4","cvss_environmentalscore":"1.697976565252","cvss_environmentalvector":"CDP:L/TD:L/CR:ND/IR:ND/AR:ND","metric":0.0,"vulnote":null}