CVE-2017-10861
📋 TL;DR
This directory traversal vulnerability in QND Advance/Standard allows attackers to read arbitrary files on the server by manipulating file paths in commands. It affects organizations using Qualitysoft's QND software, potentially exposing sensitive configuration files, credentials, or other critical data.
💻 Affected Systems
- QND Advance
- QND Standard
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise through reading sensitive files like configuration files containing credentials, SSH keys, or database passwords, leading to lateral movement and data exfiltration.
Likely Case
Unauthorized access to sensitive files containing application configuration, user data, or system information that could enable further attacks.
If Mitigated
Limited impact with proper file permissions, network segmentation, and monitoring in place to detect and block traversal attempts.
🎯 Exploit Status
Directory traversal vulnerabilities are well-understood and easy to exploit. Public references indicate the vulnerability is documented and likely has exploit code available.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check Qualitysoft vendor advisory for specific patched versions
Vendor Advisory: http://www.qualitysoft.com/qnd_vulnerabilities
Restart Required: Yes
Instructions:
1. Contact Qualitysoft support for the latest patched version.
2. Backup current configuration and data.
3. Install the patched version following vendor instructions.
4. Restart the QND service.
5. Verify the fix by testing traversal attempts.
🔧 Temporary Workarounds
Input Validation and Sanitization
All platforms: Implement strict input validation to reject any file paths containing directory traversal sequences like ../ or ..\
Implement in application code: if (path.contains("..") || path.contains("%2e%2e")) { reject_input(); }
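An added example (not from the vendor advisory or QND's own code) that sets the substring filter above beside a decode, normalize and containment check. BASE_DIR, the function names and the sample paths are constructed assumptions; the check goes slightly beyond the workaround by also covering backslash separators, percent-encoding and absolute paths.

```python
import posixpath
from typing import Optional
from urllib.parse import unquote

BASE_DIR = "/srv/qnd/data"  # assumed data root for illustration, not a real QND path

def naive_reject(path: str) -> bool:
    """Direct port of the substring filter quoted in the workaround."""
    return ".." in path or "%2e%2e" in path

def resolve_inside(base: str, requested: str, max_rounds: int = 3) -> Optional[str]:
    """Return the normalized path if it stays under base, otherwise None."""
    decoded = requested
    for _ in range(max_rounds):           # decode until stable (nested encoding)
        step = unquote(decoded)
        if step == decoded:
            break
        decoded = step
    else:
        return None                       # not stable within max_rounds: reject
    decoded = decoded.replace("\\", "/")  # treat Windows and POSIX separators alike
    if "\x00" in decoded or ":" in decoded or decoded.startswith("/"):
        return None                       # NUL byte, drive letter, absolute path
    root = posixpath.normpath(base)
    candidate = posixpath.normpath(posixpath.join(root, decoded))
    # Lexical check only; on a live filesystem also resolve symlinks
    # (os.path.realpath) before comparing.
    if candidate != root and not candidate.startswith(root + "/"):
        return None
    return candidate

# Constructed sample inputs
SAMPLES = [
    "reports/2017/summary.txt",
    "notes..old/file.txt",
    "../../etc/passwd",
    "..\\..\\windows\\win.ini",
    "%2E%2E/%2E%2E/etc/passwd",
    "/etc/passwd",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s!r:32} naive_reject={naive_reject(s)!s:5} resolved={resolve_inside(BASE_DIR, s)}")
```

The substring filter rejects the harmless name notes..old/file.txt and accepts both the upper-case encoded form and the absolute path, while the containment check decides on where the normalized path actually lands.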
File System Permissions Restriction
All platforms: Run QND service with minimal file system permissions, restricting access to only necessary directories.
chmod 750 /path/to/qnd/data (Linux)
icacls "C:\Program Files\QND" /deny "Users:(OI)(CI)(RX)" (Windows)
🧯 If You Can't Patch
- Implement network segmentation to isolate QND servers from sensitive systems and restrict access to trusted IPs only.
- Deploy a web application firewall (WAF) with rules to block directory traversal patterns in requests.
🔍 How to Verify
Check if Vulnerable:
Test by attempting to access files outside the intended directory using traversal sequences (e.g., ../../etc/passwd on Linux or ..\..\windows\win.ini on Windows) via QND commands.
Check Version:
Check QND application version through its admin interface or configuration files. On Linux: cat /opt/qnd/version.txt. On Windows: Check registry or installation directory.
Verify Fix Applied:
After patching, repeat the traversal tests. Successful attempts should be blocked or return errors instead of file contents.
📡 Detection & Monitoring
Log Indicators:
- Log entries showing file access attempts with ../ or ..\ sequences
- Failed authentication attempts followed by file access patterns
Network Indicators:
- HTTP/network requests containing directory traversal patterns in parameters
- Unusual file access patterns from single IPs
SIEM Query:
source="qnd_logs" AND ("..\\" OR "../" OR "%2e%2e")