返回列表 发布新帖

[官方消息] 【Redacted】qB4.5.1 WebUI安全漏洞

680 0
发表于 2023-2-27 17:23:54 | 查看全部 阅读模式

来吧兄弟,一起玩一起讨论!

您需要 登录 才可以下载或查看,没有账号?注册

×
Redacted - Security vulnerability in qBittorrent 4.5.1 Windows WebUI


It has come to our attention that there is a significant security vulnerability in the WebUI of qBittorrent 4.5.1 running on Windows. The vulnerability is classified as an "unauthenticated path traversal", meaning anyone who can reach the WebUI port can download/copy arbitrary files from anywhere on your computer.

The exact combination of versions and operating systems impacted is unclear, however early results seem to indicate that qBT 4.4.x is unaffected.

The WebUI is not enabled by default, so most users are probably unaffected. If you are using the WebUI, it is highly recommended to do some combination of the following until a patched version (4.5.2?) is available:
Disable the WebUI
Downgrade to an unaffected version, likely 4.4.x
Ensure that the WebUI port is not exposed to untrusted networks -- this means the internet, but also college campuses and any other shared networks.

We are not removing 4.5.1 or 4.5.x from the client whitelist at this time as it is believed that the majority of users are unaffected, however that may change as the situation develops.
游客,如果您要查看本帖隐藏内容请回复

回复

您需要登录后才可以回帖 登录 | 注册

本版积分规则

淘宝小店

邀请码

VIP会员

微信客服

公众号

微信群

投诉/建议联系

support@gebi1.cn

未经授权禁止转载,复制和建立镜像,
如有违反,追究法律责任
  • 关注公众号
  • 添加微信客服
Copyright © 2001-2024 隔壁网 版权所有 All Rights Reserved. 粤ICP备14056481号-1
关灯 在本版发帖
扫一扫添加微信客服
返回顶部
快速回复 返回顶部 返回列表