Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qts vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-7876
This command injection vulnerability in QTS allows malicious users to run arbitrary commands in the compromised application. QNAP have already fixed the issue in QTS 4.2.6 build 20170517, QTS 4.3.3.0174 build 20170503 and later versions.
Qnap Qts
6.1
CVSSv3
CVE-2015-5664
Cross-site scripting (XSS) vulnerability in File Station in QNAP QTS prior to 4.2.0 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Qnap Qts
9.8
CVSSv3
CVE-2017-6360
QNAP QTS prior to 4.2.4 Build 20170313 allows malicious users to gain administrator privileges and obtain sensitive information via unspecified vectors.
Qnap Qts
1 EDB exploit
9.8
CVSSv3
CVE-2017-6361
QNAP QTS prior to 4.2.4 Build 20170313 allows malicious users to execute arbitrary commands via unspecified vectors.
Qnap Qts
1 EDB exploit
7.5
CVSSv3
CVE-2017-7629
QNAP QTS prior to 4.2.6 build 20170517 has a flaw in the change password function.
Qnap Qts
7.5
CVSSv3
CVE-2018-19944
A cleartext transmission of sensitive information vulnerability has been reported to affect certain QTS devices. If exploited, this vulnerability allows a remote malicious user to gain access to sensitive information. QNAP have already fixed this vulnerability in the following ve...
Qnap Qts
NA
CVE-2015-6003
Directory traversal vulnerability in QNAP QTS prior to 4.1.4 build 0910 and 4.2.x prior to 4.2.0 RC2 build 0910, when AFP is enabled, allows remote malicious users to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.
Qnap Qts
7.5
CVSSv3
CVE-2017-5227
QNAP QTS prior to 4.2.4 Build 20170313 allows local users to obtain sensitive Domain Administrator password information by reading data in an XOR format within the /etc/config/uLinux.conf configuration file.
Qnap Qts
1 EDB exploit
7.2
CVSSv3
CVE-2020-2492
If exploited, the command injection vulnerability could allow remote malicious users to execute arbitrary commands. This issue affects: QNAP Systems Inc. QTS versions before 4.4.3.1421 on build 20200907.
Qnap Qts
9.1
CVSSv3
CVE-2018-19945
A vulnerability has been reported to affect earlier QNAP devices running QTS 4.3.4 to 4.3.6. Caused by improper limitations of a pathname to a restricted directory, this vulnerability allows for renaming arbitrary files on the target system, if exploited. QNAP have already fixed ...
Qnap Qts
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »