Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qnap qts 4.2.6 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-14747
NULL Pointer Dereference vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and previous versions versions could allow remote malicious users to crash the NAS media server.
Qnap Qts 4.3.5
Qnap Qts 4.3.3
Qnap Qts 4.3.4
Qnap Qts 4.2.6
7.5
CVSSv3
CVE-2018-14748
Improper Authorization vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and previous versions versions could allow remote malicious users to power off the NAS.
Qnap Qts 4.3.3
Qnap Qts 4.2.6
Qnap Qts 4.3.5
Qnap Qts 4.3.4
4.8
CVSSv3
CVE-2019-7197
A stored cross-site scripting (XSS) vulnerability has been reported to affect multiple versions of QTS. If exploited, this vulnerability may allow an malicious user to inject and execute scripts on the administrator console. To fix this vulnerability, QNAP recommend updating QTS ...
Qnap Qts 4.2.6
Qnap Qts 4.3.3
Qnap Qts 4.3.4
Qnap Qts 4.3.6
Qnap Qts 4.4.1
5.3
CVSSv3
CVE-2017-7630
QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and previous versions allows remote malicious users to obtain potentially sensitive information (firmware version and running services) via a request to sysinfoReq.cgi.
Qnap Qts 4.2.6
Qnap Qts 4.3.3
6.1
CVSSv3
CVE-2017-7631
Cross-site scripting (XSS) vulnerability in the share link function of File Station of QNAP 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and previous versions allows remote malicious users to inject arbitrary web script or HTML.
Qnap Qts 4.2.6
Qnap Qts 4.3.3
6.1
CVSSv3
CVE-2017-7632
Cross-site scripting (XSS) vulnerability in File Station of QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and previous versions allows remote malicious users to inject arbitrary web script or HTML.
Qnap Qts 4.3.3
Qnap Qts 4.2.6
8.8
CVSSv3
CVE-2021-44051
A command injection vulnerability has been reported to affect QNAP NAS running QuTScloud, QuTS hero and QTS. If exploited, this vulnerability allows remote malicious users to run arbitrary commands. We have already fixed this vulnerability in the following versions of QuTScloud, ...
Qnap Qts 4.2.6
Qnap Quts Hero
Qnap Qts
Qnap Qutscloud
8.1
CVSSv3
CVE-2021-44052
An improper link resolution before file access ('Link Following') vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero, and QTS. If exploited, this vulnerability allows remote malicious users to traverse the file system to unintended locati...
Qnap Qts 4.2.6
Qnap Quts Hero
Qnap Qts
Qnap Qutscloud
6.1
CVSSv3
CVE-2021-44053
A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QTS, QuTS hero and QuTScloud. If exploited, this vulnerability allows remote malicious users to inject malicious code. We have already fixed this vulnerability in the following versions of ...
Qnap Qts 4.2.6
Qnap Quts Hero
Qnap Qts
Qnap Qutscloud
6.1
CVSSv3
CVE-2021-44054
An open redirect vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero and QTS. If exploited, this vulnerability allows malicious users to redirect users to an untrusted page that contains malware. We have already fixed this vulnerability in the follo...
Qnap Qts 4.2.6
Qnap Quts Hero
Qnap Qts
Qnap Qutscloud
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »