Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qnap helpdesk vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-19946
The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this improper certificate validation vulnerability could allow an malicious user to spoof a trusted entity by interfering in the communication path between the host and client. QNAP has alr...
Qnap Helpdesk
4.3
CVSSv2
CVE-2018-19948
The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this cross-site request forgery (CSRF) vulnerability could allow malicious users to force NAS users to execute unintentional actions through a web application. QNAP has already fixed the is...
Qnap Helpdesk
6.4
CVSSv2
CVE-2020-2500
This improper access control vulnerability in Helpdesk allows malicious users to get control of QNAP Kayako service. Attackers can access the sensitive data on QNAP Kayako server with API keys. We have replaced the API key to mitigate the vulnerability, and already fixed the issu...
Qnap Helpdesk
4
CVSSv2
CVE-2018-19947
The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this information exposure vulnerability could disclose sensitive information. QNAP has already fixed the issue in Helpdesk 3.0.3 and later.
Qnap Helpdesk
5
CVSSv2
CVE-2018-0728
This improper access control vulnerability in Helpdesk allows malicious users to access the system logs. To fix the vulnerability, QNAP recommend updating QTS and Helpdesk to their latest versions.
Qnap Helpdesk
7.5
CVSSv2
CVE-2020-2506
The vulnerability have been reported to affect earlier versions of QTS. If exploited, this improper access control vulnerability could allow malicious users to compromise the security of the software by gaining privileges, or reading sensitive information. This issue affects: QNA...
Qnap Helpdesk
7.5
CVSSv2
CVE-2020-2507
The vulnerability have been reported to affect earlier versions of QTS. If exploited, this command injection vulnerability could allow remote malicious users to run arbitrary commands. This issue affects: QNAP Systems Inc. Helpdesk versions before 3.0.3.
Qnap Helpdesk
1 Github repository
6.5
CVSSv2
CVE-2021-28814
An improper access control vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows remote malicious users to compromise the security of the software. This issue affects: QNAP Systems Inc. Helpdesk versions before 3.0.4.
Qnap Helpdesk
7.5
CVSSv2
CVE-2018-0714
Command injection vulnerability in Helpdesk versions 1.1.21 and previous versions in QNAP QTS 4.2.6 build 20180531, QTS 4.3.3 build 20180528, QTS 4.3.4 build 20180528 and their earlier versions could allow remote malicious users to run arbitrary commands in the compromised applic...
Qnap Helpdesk
5
CVSSv2
CVE-2017-13068
QNAP has already patched this vulnerability. This security concern allows a remote malicious user to perform an SQL injection on the application and obtain Helpdesk application information. A remote attacker does not require any privileges to successfully execute this attack.
Qnap Qts Helpdesk
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started