Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qsan storage manager vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-32521
Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local malicious users to escalate privileges. Suggest contacting with QSAN and refer to recommendations in QSAN Document.
Qsan Xevo
Qsan Sanos
Qsan Storage Manager
5
CVSSv2
CVE-2021-32522
Improper restriction of excessive authentication attempts vulnerability in QSAN Storage Manager, XEVO, SANOS allows remote malicious users to discover users’ credentials and obtain access via a brute force attack. Suggest contacting with QSAN and refer to recommendations in...
Qsan Xevo
Qsan Sanos
Qsan Storage Manager
5
CVSSv2
CVE-2021-32519
Use of password hash with insufficient computational effort vulnerability in QSAN Storage Manager, XEVO, SANOS allows remote malicious users to recover the plain-text password by brute-forcing the MD5 hash. The referred vulnerability has been solved with the updated version of QS...
Qsan Xevo
Qsan Sanos
Qsan Storage Manager
4
CVSSv2
CVE-2021-32510
QSAN Storage Manager through directory listing vulnerability in antivirus function allows remote authenticated malicious users to list arbitrary directories by injecting file path parameter. The referred vulnerability has been solved with the updated version of QSAN Storage Manag...
Qsan Storage Manager
5
CVSSv2
CVE-2021-32514
Improper access control vulnerability in FirmwareUpgrade in QSAN Storage Manager allows remote malicious users to reboot and discontinue the device. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3.
Qsan Storage Manager
5
CVSSv2
CVE-2021-32516
Path traversal vulnerability in share_link in QSAN Storage Manager allows remote malicious users to download arbitrary files. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3.
Qsan Storage Manager
5
CVSSv2
CVE-2021-32518
A vulnerability in share_link in QSAN Storage Manager allows remote malicious users to create a symbolic link then access arbitrary files. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3.
Qsan Storage Manager
6.5
CVSSv2
CVE-2021-32523
Improper authorization vulnerability in QSAN Storage Manager allows remote privileged users to bypass the access control and execute arbitrary commands. Suggest contacting with QSAN and refer to recommendations in QSAN Document.
Qsan Storage Manager
6.5
CVSSv2
CVE-2021-32524
Command injection vulnerability in QSAN Storage Manager allows remote privileged users to execute arbitrary commands. Suggest contacting with QSAN and refer to recommendations in QSAN Document.
Qsan Storage Manager
4
CVSSv2
CVE-2021-32526
Incorrect permission assignment for critical resource vulnerability in QSAN Storage Manager allows authenticated remote malicious users to access arbitrary password files. Suggest contacting with QSAN and refer to recommendations in QSAN Document.
Qsan Storage Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »