Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qnap surveillance station vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2013-0142
QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance Station Pro component in QNAP NAS, have a hardcoded guest account, which allows remote malicious users to obtain web-server login access via unspecified vectors.
Qnap Viostor Network Video Recorder 4.0.3
Qnap Viostor Network Video Recorder -
Qnap Surveillance Station Pro -
Qnap Nas -
6.5
CVSSv2
CVE-2013-0143
cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Station Pro component in QNAP NAS, allows remote authenticated users to execute arbitrary commands by leveraging guest access and placing shell metacharacters in the query string.
Qnap Viostor Network Video Recorder 4.0.3
Qnap Viostor Network Video Recorder -
Qnap Nas -
Qnap Surveillance Station Pro -
1 EDB exploit
7.5
CVSSv2
CVE-2021-38687
A stack buffer overflow vulnerability has been reported to affect QNAP NAS running Surveillance Station. If exploited, this vulnerability allows malicious users to execute arbitrary code. We have already fixed this vulnerability in the following versions of Surveillance Station: ...
Qnap Surveillance Station
7.5
CVSSv2
CVE-2021-28797
A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows malicious users to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveill...
Qnap Surveillance Station
7.5
CVSSv2
CVE-2020-2501
A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows malicious users to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveill...
Qnap Surveillance Station
7.5
CVSSv2
CVE-2017-12582
Unprivileged user can access all functions in the Surveillance Station component in QNAP TS212P devices with firmware 4.2.1 build 20160601. Unprivileged user cannot login at front end but with that unprivileged user SID, all function can access at Surveillance Station.
Qnap Ts-212p Firmware 4.2.1
6.8
CVSSv2
CVE-2013-0144
Cross-site request forgery (CSRF) vulnerability in cgi-bin/create_user.cgi on QNAP VioStor NVR devices with firmware 4.0.3 allows remote malicious users to hijack the authentication of administrators for requests that create administrative accounts via a NEW USER action.
Qnap Viostor Network Video Recorder 4.0.3
Qnap Viostor Network Video Recorder -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started