Information Disclosure Vulnerability in QNAP QTS 4.2.6 and 4.3.3

Information Disclosure Vulnerability in QNAP QTS 4.2.6 and 4.3.3

CVE-2017-7630 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier allows remote attackers to obtain potentially sensitive information (firmware version and running services) via a request to sysinfoReq.cgi.

Learn more about our Web Application Penetration Testing UK.