Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qnap qts vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-19943
If exploited, this cross-site scripting vulnerability could allow remote malicious users to inject malicious code. QNAP has already fixed these issues in the following QTS versions. QTS 4.4.2.1270 build 20200410 and later QTS 4.4.1.1261 build 20200330 and later QTS 4.3.6.1263 bui...
Qnap Qts
Qnap Qts 4.2.6
8.1
CVSSv3
CVE-2021-44052
An improper link resolution before file access ('Link Following') vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero, and QTS. If exploited, this vulnerability allows remote malicious users to traverse the file system to unintended locati...
Qnap Qts 4.2.6
Qnap Quts Hero
Qnap Qts
Qnap Qutscloud
6.1
CVSSv3
CVE-2021-44053
A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QTS, QuTS hero and QuTScloud. If exploited, this vulnerability allows remote malicious users to inject malicious code. We have already fixed this vulnerability in the following versions of ...
Qnap Qts 4.2.6
Qnap Quts Hero
Qnap Qts
Qnap Qutscloud
6.1
CVSSv3
CVE-2021-44054
An open redirect vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero and QTS. If exploited, this vulnerability allows malicious users to redirect users to an untrusted page that contains malware. We have already fixed this vulnerability in the follo...
Qnap Qts 4.2.6
Qnap Quts Hero
Qnap Qts
Qnap Qutscloud
8.8
CVSSv3
CVE-2021-44051
A command injection vulnerability has been reported to affect QNAP NAS running QuTScloud, QuTS hero and QTS. If exploited, this vulnerability allows remote malicious users to run arbitrary commands. We have already fixed this vulnerability in the following versions of QuTScloud, ...
Qnap Qts 4.2.6
Qnap Quts Hero
Qnap Qts
Qnap Qutscloud
5.3
CVSSv3
CVE-2017-7630
QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and previous versions allows remote malicious users to obtain potentially sensitive information (firmware version and running services) via a request to sysinfoReq.cgi.
Qnap Qts 4.2.6
Qnap Qts 4.3.3
6.1
CVSSv3
CVE-2017-7631
Cross-site scripting (XSS) vulnerability in the share link function of File Station of QNAP 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and previous versions allows remote malicious users to inject arbitrary web script or HTML.
Qnap Qts 4.2.6
Qnap Qts 4.3.3
6.1
CVSSv3
CVE-2017-7632
Cross-site scripting (XSS) vulnerability in File Station of QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and previous versions allows remote malicious users to inject arbitrary web script or HTML.
Qnap Qts 4.3.3
Qnap Qts 4.2.6
6.5
CVSSv3
CVE-2024-21900
An injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 buil...
Qnap Qts 5.1.3.2578
Qnap Quts Hero H5.1.3.2578
Qnap Qts
Qnap Quts Hero
Qnap Qutscloud
1 Article
7.2
CVSSv3
CVE-2023-32973
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the fo...
Qnap Quts Hero
Qnap Qts
Qnap Qutscloud
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »