Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qnap vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-21900
An injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 buil...
Qnap Qts 5.1.3.2578
Qnap Quts Hero H5.1.3.2578
Qnap Qts
Qnap Quts Hero
Qnap Qutscloud
1 Article
3.5
CVSSv2
CVE-2019-7197
A stored cross-site scripting (XSS) vulnerability has been reported to affect multiple versions of QTS. If exploited, this vulnerability may allow an malicious user to inject and execute scripts on the administrator console. To fix this vulnerability, QNAP recommend updating QTS ...
Qnap Qts 4.3.3
Qnap Qts 4.3.4
Qnap Qts 4.2.6
Qnap Qts 4.3.6
Qnap Qts 4.4.1
5.8
CVSSv2
CVE-2021-44054
An open redirect vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero and QTS. If exploited, this vulnerability allows malicious users to redirect users to an untrusted page that contains malware. We have already fixed this vulnerability in the follo...
Qnap Qts 4.2.6
Qnap Quts Hero
Qnap Qts
Qnap Qutscloud
4.3
CVSSv2
CVE-2021-44053
A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QTS, QuTS hero and QuTScloud. If exploited, this vulnerability allows remote malicious users to inject malicious code. We have already fixed this vulnerability in the following versions of ...
Qnap Qts 4.2.6
Qnap Quts Hero
Qnap Qts
Qnap Qutscloud
6.5
CVSSv2
CVE-2021-44051
A command injection vulnerability has been reported to affect QNAP NAS running QuTScloud, QuTS hero and QTS. If exploited, this vulnerability allows remote malicious users to run arbitrary commands. We have already fixed this vulnerability in the following versions of QuTScloud, ...
Qnap Qts 4.2.6
Qnap Quts Hero
Qnap Qts
Qnap Qutscloud
5.5
CVSSv2
CVE-2021-44052
An improper link resolution before file access ('Link Following') vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero, and QTS. If exploited, this vulnerability allows remote malicious users to traverse the file system to unintended locati...
Qnap Qts 4.2.6
Qnap Quts Hero
Qnap Qts
Qnap Qutscloud
2.1
CVSSv2
CVE-2014-5457
QNAP TS-469U with firmware 4.0.7 Build 20140410, TS-459U, TS-EC1679U-RP, and SS-839 use world-readable permissions for /etc/config/shadow, which allows local users to obtain usernames and hashed passwords by reading the password.
Qnap Ts-469u Firmware 4.0.7
Qnap Ts-469u -
Qnap Ts-ec1679u-rp Firmware 4.0.7
Qnap Ts-ec1679u-rp -
Qnap Ts-459u Firmware 4.0.7
Qnap Ts-459u -
Qnap Ss-839 Firmware 4.0.7
Qnap Ss-839 -
7.8
CVSSv2
CVE-2018-14748
Improper Authorization vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and previous versions versions could allow remote malicious users to power off the NAS.
Qnap Qts 4.3.3
Qnap Qts 4.3.4
Qnap Qts 4.2.6
Qnap Qts 4.3.5
7.5
CVSSv2
CVE-2018-14749
Buffer Overflow vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and previous versions versions could have unspecified impact on the NAS.
Qnap Qts 4.3.3
Qnap Qts 4.3.4
Qnap Qts 4.2.6
Qnap Qts 4.3.5
4.3
CVSSv2
CVE-2018-0716
Cross-site scripting vulnerability in QTS 4.2.6 build 20180711, QTS 4.3.3: Qsync Central 3.0.2, QTS 4.3.4: Qsync Central 3.0.3, QTS 4.3.5: Qsync Central 3.0.4 and previous versions versions could allow remote malicious users to inject Javascript code in the compromised applicatio...
Qnap Qts 4.3.3
Qnap Qts 4.3.4
Qnap Qts 4.2.6
Qnap Qts 4.3.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »