CVE-2021-37445: 
NixOS vulnerability analysis and mitigation

In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via logprop?file=/.. for file reading. The vulnerability (CVE-2021-37445) was published on July 25, 2021, affecting the file reading functionality of NCH Quorum software (CISA Bulletin).

The vulnerability allows path traversal through multiple vectors in the application. An authenticated user can exploit this through endpoints like 'logprop?file=/..' to read files outside the intended directory structure. The vulnerability has been assigned a CVSS score of 4.0, indicating medium severity, as it requires authentication but can lead to unauthorized file access (CISA Bulletin).

The vulnerability enables authenticated users to view any file on the remote system via path traversals. This access is dependent on the running context of the application. Notably, attackers can potentially access credential files of other NCH applications often stored in \ProgramData\NCH Software\ (GitHub POC).

NCH Software has marked Quorum as a legacy program that they no longer support. The vendor explicitly warns that the person setup as admin on this program can have access to files on the system (NCH Software).