[URGENT] Windows qBittorrent 4.5.1 WebUI Vulnerability
The Windows version of qBittorrent v4.5.1 has a reported vulnerability when using the web client. A bug allows a remote attacker to browse files on your system.

v4.5.0 may be affected as well.
v4.4.5 and below are not affected by this bug.


The bug is described here. https://github.com/qbittorrent/qBittorrent/issues/18618

If you use the Windows version of qBittorrent v4.5.1 and it has a port open to the internet disable the webUI until there is a fix. Or roll back to v4.4.5 or below. If you never enabled the webUI you should be OK since it is off by default.

Thread: Windows qBittorrent 4.5.1 WebUI Vulnerability

UPDATE:

Tuesday Feb 28th 2023 - qBittorrent v4.5.2 release
qBittorrent v4.5.2 was released.
SECURITY: This version contains a security bugfix in the web server. The bug allowed for any file on the user's filesystem to be served without any authentication. This affects users that have enabled the WebUI/WebAPI. It seems to affect only v4.5.0 and v4.5.1 on Windows.
NOTE: macOS builds are self-signed now. It should help with macOS permissions dialogs.



qBittorrent Enhanced Edition v4.5.2.10 Latest
Changelog

Official Update (v4.5.2)