What is CVE-2021-32527?

CVE-2021-32527 is a high-severity vulnerability in Qsan Storage Manager, classified under Path Traversal. CVSS score: 7.5/10. Published 2021-07-07.

How severe is CVE-2021-32527?

High severity. CVSS v3 base score is 7.5 out of 10.

Is CVE-2021-32527 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Path Traversal in Qsan Storage Manager

CVE-2021-32527

Path traversal vulnerability in QSAN Storage Manager allows remote unauthenticated attackers to download arbitrary files thru injecting file path in download function. Suggest contacting with QSAN and refer to recommendations in QSAN Docum…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.007 (72.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N.

Affected products

Qsan Storage Manager — versions unspecified

Weakness classification (CWE)

CWE-22 — Path Traversal

Public proof-of-concept exploits

4RG0S/2021-Summer-Some-Day-Exploit

References

www.twcert.org.tw/tw/cp-132-4883-aef9d-1.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2021-32527?: CVE-2021-32527 is a high-severity vulnerability in Qsan Storage Manager, classified under Path Traversal. CVSS score: 7.5/10. Published 2021-07-07.
How severe is CVE-2021-32527?: High severity. CVSS v3 base score is 7.5 out of 10.
Is CVE-2021-32527 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.