Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qnap nas - vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-28799
An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync. ) If exploited, the vulnerability allows remote malicious users to log in to a device. This issue affects: QNAP Systems Inc. HBS 3 versions prior to v16.0.0415 on QTS 4...
Qnap Hybrid Backup Sync
6.1
CVSSv3
CVE-2020-36196
A stored XSS vulnerability has been reported to affect QNAP NAS running QuLog Center. If exploited, this vulnerability allows malicious users to inject malicious code. This issue affects: QNAP Systems Inc. QuLog Center versions before 1.2.0.
Qnap Qulog Center
9.8
CVSSv3
CVE-2017-13067
QNAP has patched a remote code execution vulnerability affecting the QTS Media Library in all versions prior to QTS 4.2.6 build 20170905 and QTS 4.3.3.0299 build 20170901. This particular vulnerability allows a remote malicious user to execute commands on a QNAP NAS using a trans...
Qnap Qts
4.9
CVSSv3
CVE-2021-28815
Insecure storage of sensitive information has been reported to affect QNAP NAS running myQNAPcloud Link. If exploited, this vulnerability allows remote malicious users to read sensitive information by accessing the unrestricted storage mechanism. This issue affects: QNAP Systems ...
Qnap Myqnapcloud Link
9.8
CVSSv3
CVE-2017-13069
QNAP discovered a number of command injection vulnerabilities found in Music Station versions 4.8.6 (for QTS 4.2.x), 5.0.7 (for QTS 4.3.x), and previous versions. If exploited, these vulnerabilities may allow a remote malicious user to run arbitrary commands on the NAS.
Qnap Music Station
5.4
CVSSv3
CVE-2021-34355
A cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, this vulnerability allows remote malicious users to inject malicious code. We have already fixed this vulnerability in the following versions of Photo Station: Pho...
Qnap Photo Station
6.1
CVSSv3
CVE-2017-7634
Cross-site scripting (XSS) vulnerability in QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and previous versions allows remote malicious users to inject arbitrary web script or HTML. The injected code will only be triggered by a crafted link, not the no...
Qnap Media Streaming Add-on
9.8
CVSSv3
CVE-2021-28800
A command injection vulnerability has been reported to affect QNAP NAS running legacy versions of QTS. If exploited, this vulnerability allows malicious users to execute arbitrary commands in a compromised application. This issue affects: QNAP Systems Inc. QTS versions before 4.3...
Qnap Qts
9.8
CVSSv3
CVE-2021-38679
An improper authentication vulnerability has been reported to affect QNAP NAS running Kazoo Server. If exploited, this vulnerability allows malicious users to compromise the security of the system. We have already fixed this vulnerability in the following versions of Kazoo Server...
Qnap Kazoo Server
9.1
CVSSv3
CVE-2022-27593
An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, This could allow an malicious user to modify system files. We have already fixed the vulnerability in the following versions: QTS 5.0.1: Photo ...
Qnap Photo Station
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »