RSS   Podatności dla 'Sanos'   RSS

2021-07-07
 
CVE-2021-32519

CWE-916
 

 
Use of password hash with insufficient computational effort vulnerability in QSAN Storage Manager, XEVO, SANOS allows remote attackers to recover the plain-text password by brute-forcing the MD5 hash.

 
 
CVE-2021-32521

CWE-798
 

 
Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local attackers to escalate privileges.

 
 
CVE-2021-32522

CWE-307
 

 

 
 
CVE-2021-32529

CWE-77
 

 
Command injection vulnerability in QSAN XEVO, SANOS allows remote unauthenticated attackers to execute arbitrary commands.

 
 
CVE-2021-32533

CWE-78
 

 
The QSAN SANOS setting page does not filter special parameters. Remote attackers can use this vulnerability to inject and execute arbitrary commands without permissions.

 
 
CVE-2021-32534

CWE-78
 

 
QSAN SANOS factory reset function does not filter special parameters. Remote attackers can use this vulnerability to inject and execute arbitrary commands without permissions.

 
 
CVE-2021-32535

CWE-798
 

 

 

 >>> Vendor: QSAN 3 Produkty
Sanos
XEVO
Storage manager


Copyright 2021, cxsecurity.com

 

Back to Top