Error Message Information Disclosure Vulnerability in QNAP QES 2.1.1 and Earlier

Error Message Information Disclosure Vulnerability in QNAP QES 2.1.1 and Earlier

CVE-2020-2505 · LOW Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.

Learn more about our Web Application Penetration Testing UK.