Vulnerability Description
Directory traversal vulnerability in QND Advance/Standard allows an attacker to read arbitrary files via a specially crafted command.
CVSS Score
9.1
CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualitysoft | Qnd Advance\/Standard | <= 10.3i |
Related Weaknesses (CWE)
References
- http://www.qualitysoft.com/qnd_vulnerabilitiesIssue TrackingVendor Advisory
- https://jvn.jp/en/vu/JVNVU94198685/index.htmlThird Party AdvisoryVDB Entry
- http://www.qualitysoft.com/qnd_vulnerabilitiesIssue TrackingVendor Advisory
- https://jvn.jp/en/vu/JVNVU94198685/index.htmlThird Party AdvisoryVDB Entry
FAQ
What is CVE-2017-10861?
CVE-2017-10861 is a vulnerability with a CVSS score of 9.1 (CRITICAL). Directory traversal vulnerability in QND Advance/Standard allows an attacker to read arbitrary files via a specially crafted command.
How severe is CVE-2017-10861?
CVE-2017-10861 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-10861?
Check the references section above for vendor advisories and patch information. Affected products include: Qualitysoft Qnd Advance\/Standard.