3Likes
LinkBack URL
About LinkBacks
Remote Code Execution vulnerability in ALL versions of qBittorrent before 5.0.1
All qBittorrent users are urged to update to 5.0.1, downloading it directly from https:// qbittorrent org (not by using the built-in updater!) due to a RCE bug in all other allowed versions.
Due to a bad choice back in 2010, qBittorrent does not check ANY SSL/TLS certificates. Due to this and other flaws, it opens up a risk of a Man-In-The-Middle attack that is then used as a Remote Code Execution, with either minimal or no user interaction required.
Included in the bad processes are the update check AND download, RSS feeds, favicons, automatic Python download on Windows, and the Maxmind GeoIP database update.
Torrent Invites! Buy, Trade, Sell Or Find Free Invites, For EVERY Private Tracker! HDBits.org, BTN, PTP, MTV, Empornium, Orpheus, Bibliotik, RED, IPT, TL, PHD etc!
Results 1 to 3 of 3
Thread: ReelFliX : News
-
11-03-2024 #1"You Only Live Once"
- Reputation Points
- 259010
- Reputation Power
- 100
- Join Date
- Feb 2013
- Posts
- 12,557
- Time Online
- 240 d 1 h 10 m
- Avg. Time Online
- 1 h 19 m
- Mentioned
- 2579 Post(s)
- Quoted
- 498 Post(s)
- Liked
- 8524 times
- Feedbacks
- 657 (100%)
ReelFliX : News
-
11-03-2024 #2Extreme User
- Reputation Points
- 219977
- Reputation Power
- 100
- Join Date
- Sep 2012
- Posts
- 4,391
- Time Online
- 165 d 12 h 7 m
- Avg. Time Online
- 54 m
- Mentioned
- 1515 Post(s)
- Quoted
- 305 Post(s)
- Liked
- 2801 times
- Feedbacks
- 244 (100%)
Wondering about seedboxes providing 4.3.9 version of qbittorrent for ages and still sticking with the same.
-
11-04-2024 #3Extreme User
- Reputation Points
- 124156
- Reputation Power
- 100
- Join Date
- Aug 2023
- Posts
- 2,625
- Time Online
- 32 d 4 h 58 m
- Avg. Time Online
- 1 h 19 m
- Mentioned
- 683 Post(s)
- Quoted
- 219 Post(s)
- Liked
- 1458 times
- Feedbacks
- 176 (100%)
I think seedboxes turned automatic into the new interface, https://imgur.com/KVt6cKQ
TI Forum Rules! 
Reply With Quote
