Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qnap nas - vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv2
CVE-2009-3200
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 create an undocumented recovery key and store it in the ENCK variable in flash memory, which allows local users to bypass the passphrase requirement and decrypt the hard drive by reading this ...
Qnap Ts-239 Pro Turbo Nas 3.1.0 0627
Qnap Ts-639 Pro Turbo Nas 2.1.7 0613
Qnap Ts-239 Pro Turbo Nas 3.1.1 0815
Qnap Ts-639 Pro Turbo Nas 3.1.0 0627
Qnap Ts-239 Pro Turbo Nas 2.1.7 0613
Qnap Ts-639 Pro Turbo Nas 3.1.1 0815
4.9
CVSSv2
CVE-2009-3279
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 create a LUKS partition by using the AES-256 cipher in plain CBC mode, which allows local users to obtain sensitive information via a watermark attack.
Qnap Ts-239 Pro Turbo Nas 3.1.0 0627
Qnap Ts-639 Pro Turbo Nas 2.1.7 0613
Qnap Ts-239 Pro Turbo Nas 3.1.1 0815
Qnap Ts-639 Pro Turbo Nas 3.1.0 0627
Qnap Ts-239 Pro Turbo Nas 2.1.7 0613
Qnap Ts-639 Pro Turbo Nas 3.1.1 0815
10
CVSSv2
CVE-2017-7637
QNAP NAS application Proxy Server through version 1.2.0 allows remote malicious users to run arbitrary OS commands against the system with root privileges.
Qnap Nas Proxy Server
6.8
CVSSv2
CVE-2017-7635
QNAP NAS application Proxy Server through version 1.2.0 does not utilize CSRF protections.
Qnap Nas Proxy Server
4.3
CVSSv2
CVE-2017-7636
Cross-site scripting (XSS) vulnerability in QNAP NAS application Proxy Server through version 1.2.0 allows remote malicious users to inject arbitrary web script or HTML.
Qnap Nas Proxy Server
5
CVSSv2
CVE-2017-7639
QNAP NAS application Proxy Server through version 1.2.0 does not authenticate requests properly. Successful exploitation can lead to change of the settings of Proxy Server.
Qnap Nas Proxy Server
3.5
CVSSv2
CVE-2021-34359
A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Proxy Server. If exploited, this vulnerability allows remote malicious users to inject malicious code. We have already fixed this vulnerability in the following versions of Proxy Server: QT...
Qnap Nas Proxy Server
6.8
CVSSv2
CVE-2021-34360
A cross-site request forgery (CSRF) vulnerability has been reported to affect QNAP device running Proxy Server. If exploited, this vulnerability allows remote malicious users to inject malicious code. We have already fixed this vulnerability in the following versions of Proxy Ser...
Qnap Nas Proxy Server
4.3
CVSSv2
CVE-2021-34361
A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Proxy Server. If exploited, this vulnerability allows remote malicious users to inject malicious code. We have already fixed this vulnerability in the following versions of Proxy Server: QT...
Qnap Nas Proxy Server
5
CVSSv2
CVE-2013-0142
QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance Station Pro component in QNAP NAS, have a hardcoded guest account, which allows remote malicious users to obtain web-server login access via unspecified vectors.
Qnap Viostor Network Video Recorder 4.0.3
Qnap Viostor Network Video Recorder -
Qnap Surveillance Station Pro -
Qnap Nas -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »