Sensitive Domain Administrator Password Disclosure in QNAP QTS

Sensitive Domain Administrator Password Disclosure in QNAP QTS

CVE-2017-5227 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

QNAP QTS before 4.2.4 Build 20170313 allows local users to obtain sensitive Domain Administrator password information by reading data in an XOR format within the /etc/config/uLinux.conf configuration file.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.