CVE-2025-46617 – Quantum StorNext Web GUI API Unauthorized Configuration Access and Modification

April 25, 2025

CVE ID : CVE-2025-46617

Published : April 25, 2025, 7:15 a.m. | 14 minutes ago

Description : Quantum StorNext Web GUI API before 7.2.4 grants access to internal StorNext configuration and unauthorized modification of some software configuration parameters via undocumented user credentials. This affects StorNext RYO before 7.2.4, StorNext Xcellis Workflow Director before 7.2.4, and ActiveScale Cold Storage.

Severity: 7.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticlePasses is a GUI tool to manage your digital passes

Next Article CVE-2025-46616 – Quantum StorNext Web GUI API RCE

Designing Better UX For Left-Handed People

This week in AI dev tools: Gemini 2.5 Flash-Lite, GitLab Duo Agent Platform beta, and more (July 25, 2025)

Tenable updates Vulnerability Priority Rating scoring method to flag fewer vulnerabilities as critical

Google adds updated workspace templates in Firebase Studio that leverage new Agent mode

DistroWatch Weekly, Issue 1132

I ran with the Apple Watch and Samsung Watch 8 – here’s the better AI coach

8 smart home gadgets that instantly upgraded my house (and why they work)

I tested Panasonic’s new affordable LED TV model – here’s my brutally honest buying advice

The details of TC39’s last meeting

The details of TC39’s last meeting

NativePHP Is Entering Its Next Phase

Medical Card Generator Android App Project Using SQLite

Microsoft Edge shifts to Copilot-first UI on Windows 11 as Perplexity Comet gains traction

Microsoft Edge shifts to Copilot-first UI on Windows 11 as Perplexity Comet gains traction

Is CDKeys Trustworthy? Everything You Need to Know Before Buying

Microsoft confirms Windows 11 24H2 stability issues, affecting games, tests performance fixes

CVE-2025-46617 – Quantum StorNext Web GUI API Unauthorized Configuration Access and Modification

SharePoint under fire: ToolShell attacks hit organizations worldwide

Rogue CAPTCHAs: Look out for phony verification pages spreading malware

CVE-2025-47859 – Apache HTTP Server Information Disclosure

Google’s new open-source coding agent brings Gemini AI directly to your terminal

Windows 11 KB5058502 restores Win + C, direct download links for version 23H2

CVE-2025-40619 – Bookgy Authentication Bypass

Droip: The Next Big Revolution in WordPress – Redefining No-Code Web Building

Gaming on a dual-screen laptop? I tried it with Lenovo’s new Yoga Book 9i for 2025 — Here’s what happened

Samsung MagicINFO 9 Server RCE flaw now exploited in attacks

CVE-2025-53539 – FastAPI Guard Regular Expression Denial of Service (ReDoS)

CVE-2025-46617 – Quantum StorNext Web GUI API Unauthorized Configuration Access and Modification

Related Posts