Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qnap qts 4.2.6 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-0719
Cross-site Scripting (XSS) vulnerability in NAS devices of QNAP Systems Inc. QTS allows malicious users to inject javascript. This issue affects: QNAP Systems Inc. QTS version 4.2.6 and prior versions on build 20180711; version 4.3.3 and prior versions on build 20180725; version ...
Qnap Qts 4.2.6
Qnap Qts 4.3.4
Qnap Qts 4.3.3
383
VMScore
CVE-2017-13072
Cross-site scripting (XSS) vulnerability in App Center in QNAP QTS 4.2.6 build 20171208, QTS 4.3.3 build 20171213, QTS 4.3.4 build 20171223, and their earlier versions could allow remote malicious users to inject Javascript code.
Qnap Qts 4.3.3
Qnap Qts 4.3.4
Qnap Qts 4.2.6
312
VMScore
CVE-2019-7197
A stored cross-site scripting (XSS) vulnerability has been reported to affect multiple versions of QTS. If exploited, this vulnerability may allow an malicious user to inject and execute scripts on the administrator console. To fix this vulnerability, QNAP recommend updating QTS ...
Qnap Qts 4.2.6
Qnap Qts 4.3.3
Qnap Qts 4.3.4
Qnap Qts 4.3.6
Qnap Qts 4.4.1
445
VMScore
CVE-2017-7630
QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and previous versions allows remote malicious users to obtain potentially sensitive information (firmware version and running services) via a request to sysinfoReq.cgi.
Qnap Qts 4.2.6
Qnap Qts 4.3.3
383
VMScore
CVE-2017-7631
Cross-site scripting (XSS) vulnerability in the share link function of File Station of QNAP 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and previous versions allows remote malicious users to inject arbitrary web script or HTML.
Qnap Qts 4.2.6
Qnap Qts 4.3.3
383
VMScore
CVE-2017-7632
Cross-site scripting (XSS) vulnerability in File Station of QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and previous versions allows remote malicious users to inject arbitrary web script or HTML.
Qnap Qts 4.3.3
Qnap Qts 4.2.6
490
VMScore
CVE-2021-44052
An improper link resolution before file access ('Link Following') vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero, and QTS. If exploited, this vulnerability allows remote malicious users to traverse the file system to unintended locati...
Qnap Qts 4.2.6
Qnap Quts Hero
Qnap Qts
Qnap Qutscloud
383
VMScore
CVE-2021-44053
A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QTS, QuTS hero and QuTScloud. If exploited, this vulnerability allows remote malicious users to inject malicious code. We have already fixed this vulnerability in the following versions of ...
Qnap Qts 4.2.6
Qnap Quts Hero
Qnap Qts
Qnap Qutscloud
516
VMScore
CVE-2021-44054
An open redirect vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero and QTS. If exploited, this vulnerability allows malicious users to redirect users to an untrusted page that contains malware. We have already fixed this vulnerability in the follo...
Qnap Qts 4.2.6
Qnap Quts Hero
Qnap Qts
Qnap Qutscloud
578
VMScore
CVE-2021-44051
A command injection vulnerability has been reported to affect QNAP NAS running QuTScloud, QuTS hero and QTS. If exploited, this vulnerability allows remote malicious users to run arbitrary commands. We have already fixed this vulnerability in the following versions of QuTScloud, ...
Qnap Qts 4.2.6
Qnap Quts Hero
Qnap Qts
Qnap Qutscloud
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »