ALT-PU-2017-2185-1
Package qbittorrent updated to version 3.3.16-alt1 for branch sisyphus in task 188069.
Closed vulnerabilities
Published: 2019-05-09
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-12778
The UI Lock feature in qBittorrent version 3.3.15 is vulnerable to Authentication Bypass, which allows Attack to gain unauthorized access to qBittorrent functions by tampering the affected flag value of the config file at the C:\Users\
Severity: HIGH (7.1)
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
References:
- http://archive.is/eF2GR
- http://archive.is/eF2GR
- https://github.com/qbittorrent/qBittorrent/wiki/I-forgot-my-UI-lock-password
- https://github.com/qbittorrent/qBittorrent/wiki/I-forgot-my-UI-lock-password
- https://medium.com/%40BaYinMin/cve-2017-12778-qbittorrent-ui-lock-authentication-bypass-30959ff55ada
- https://medium.com/%40BaYinMin/cve-2017-12778-qbittorrent-ui-lock-authentication-bypass-30959ff55ada