Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qnap nas - vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-28797
A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows malicious users to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveill...
Qnap Surveillance Station
10
CVSSv2
CVE-2017-10700
In the medialibrary component in QNAP NAS 4.3.3.0229, an un-authenticated, remote attacker can execute arbitrary system commands as the root user of the NAS application.
Qnap Qts 4.3.3.0229
6.4
CVSSv2
CVE-2017-7638
QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and previous versions does not authenticate requests properly. Successful exploitation could lead to change of the Media Streaming settings, and leakage of sensitive information of the QNAP NAS.
Qnap Media Streaming Add-on
6.8
CVSSv2
CVE-2017-7641
QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and previous versions does not utilize CSRF protections.
Qnap Media Streaming Add-on
6.5
CVSSv2
CVE-2021-28814
An improper access control vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows remote malicious users to compromise the security of the software. This issue affects: QNAP Systems Inc. Helpdesk versions before 3.0.4.
Qnap Helpdesk
5
CVSSv2
CVE-2017-7633
QNAP Qfinder Pro 6.1.0.0317 and previous versions may expose sensitive information contained in NAS devices. If exploited, this may allow malicious users to further compromise the device.
Qnap Qfinder Pro
10
CVSSv2
CVE-2017-7640
QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and previous versions allows remote malicious users to run arbitrary OS commands against the system with root privileges.
Qnap Media Streaming Add-on
4.3
CVSSv2
CVE-2018-19948
The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this cross-site request forgery (CSRF) vulnerability could allow malicious users to force NAS users to execute unintentional actions through a web application. QNAP has already fixed the is...
Qnap Helpdesk
4.3
CVSSv2
CVE-2021-38681
A reflected cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Ragic Cloud DB. If exploited, this vulnerability allows remote malicious users to inject malicious code. QNAP have already disabled and removed Ragic Cloud DB from the QNAP App Cente...
Qnap Ragic Cloud Db
4.3
CVSSv2
CVE-2017-13073
Cross-site scripting (XSS) vulnerability in QNAP NAS application Photo Station versions 5.2.7, 5.4.3, and their earlier versions could allow remote malicious users to inject arbitrary web script or HTML.
Qnap Photo Station
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »