QBittorrent Web UI Default Credentials Leads to RCE | VulnCheck Advisories

Go back

QBittorrent Web UI Default Credentials Leads to RCE

severity: critical
date: October 10, 2023
Affecting: All known versions of Qbittorrent. Unpatched as of v4.5.5.
CVE: CVE-2023-30801
CVE type: Use of Default Credentials
CVSS: 9.8
CVSS V3 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References: Exploited in the wild