Skip to main content

Quts Hero

170 CVEs product

Monthly

CVE-2024-13086 MEDIUM This Month

An exposure of sensitive information vulnerability has been reported to affect product. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qts Quts Hero
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2024-53691 HIGH This Week

A link following vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 4.0
8.7
EPSS
20.1%
CVE-2024-50403 LOW Monitor

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 4.0
2.1
EPSS
0.5%
CVE-2024-50402 LOW Monitor

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 4.0
2.1
EPSS
0.5%
CVE-2024-50393 HIGH This Week

A command injection vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Qnap Qts Quts Hero
NVD
CVSS 4.0
8.7
EPSS
1.3%
CVE-2024-48868 HIGH This Week

An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Qnap Qts Quts Hero
NVD
CVSS 4.0
8.7
EPSS
0.4%
CVE-2024-48867 MEDIUM This Month

An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Qnap Qts Quts Hero
NVD
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-48866 LOW Monitor

An improper handling of URL encoding (Hex Encoding) vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 4.0
2.3
EPSS
0.4%
CVE-2024-48865 HIGH This Week

An improper certificate validation vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 4.0
7.3
EPSS
0.2%
CVE-2024-48859 MEDIUM This Month

An improper authentication vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Qnap Qts Quts Hero
NVD
CVSS 4.0
5.3
EPSS
0.6%
CVE-2024-50401 LOW Monitor

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 4.0
2.1
EPSS
0.6%
CVE-2024-50400 LOW Monitor

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 4.0
2.1
EPSS
0.6%
CVE-2024-50399 LOW Monitor

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 4.0
2.1
EPSS
0.6%
CVE-2024-50398 LOW Monitor

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 4.0
2.1
EPSS
0.6%
CVE-2024-50397 HIGH This Week

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 4.0
7.7
EPSS
0.7%
CVE-2024-50396 HIGH This Week

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 4.0
7.7
EPSS
0.6%
CVE-2024-37050 MEDIUM This Month

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 4.0
5.1
EPSS
0.8%
CVE-2024-37049 MEDIUM This Month

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 4.0
5.1
EPSS
0.8%
CVE-2024-37048 MEDIUM This Month

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Qnap Qts Quts Hero
NVD
CVSS 4.0
5.1
EPSS
0.6%
CVE-2024-37047 MEDIUM This Month

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 4.0
5.1
EPSS
0.8%
CVE-2024-37046 LOW Monitor

A path traversal vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 4.0
2.1
EPSS
0.7%
CVE-2024-37045 MEDIUM This Month

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Qnap Qts Quts Hero
NVD
CVSS 4.0
5.1
EPSS
0.6%
CVE-2024-37044 MEDIUM This Month

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 4.0
5.1
EPSS
0.8%
CVE-2024-37043 MEDIUM This Month

A path traversal vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 4.0
5.1
EPSS
0.7%
CVE-2024-37042 MEDIUM This Month

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Qnap Qts Quts Hero
NVD
CVSS 4.0
5.1
EPSS
0.6%
CVE-2024-37041 MEDIUM This Month

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 4.0
5.1
EPSS
0.8%
CVE-2024-38641 HIGH This Week

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Command Injection Qnap Qts Quts Hero
NVD
CVSS 4.0
7.3
EPSS
0.5%
CVE-2024-32771 LOW Monitor

An improper restriction of excessive authentication attempts vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 3.1
2.4
EPSS
0.2%
CVE-2024-32763 MEDIUM This Month

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 4.0
5.3
EPSS
0.6%
CVE-2024-21906 MEDIUM This Month

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Qnap Qts Quts Hero
NVD
CVSS 3.1
4.7
EPSS
0.8%
CVE-2024-21904 MEDIUM This Month

A path traversal vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-21903 MEDIUM This Month

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Qnap Qts Quts Hero
NVD
CVSS 3.1
4.7
EPSS
0.8%
CVE-2024-21898 HIGH This Week

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Qnap Qts Quts Hero
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2024-21897 MEDIUM This Month

A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Qnap Qts Quts Hero
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-32765 MEDIUM This Month

A vulnerability has been reported to affect Network & Virtual Switch. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qts Quts Hero
NVD
CVSS 3.1
4.2
EPSS
0.2%
CVE-2024-27130 HIGH This Week

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 3.1
8.8
EPSS
38.1%
CVE-2024-27129 HIGH This Week

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-27128 HIGH This Week

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-27127 HIGH This Week

A double free vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Qnap Qts Quts Hero
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-21902 HIGH This Week

An incorrect permission assignment for critical resource vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Qnap Qts Quts Hero
NVD
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-32766 CRITICAL Act Now

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Qnap Qts Quts Hero Qutscloud
NVD
CVSS 3.1
10.0
EPSS
2.3%
CVE-2024-27124 HIGH This Week

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Command Injection Qnap Qts Quts Hero Qutscloud
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2024-21905 HIGH This Week

An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Qnap Qts Quts Hero +1
NVD
CVSS 3.1
8.2
EPSS
0.5%
CVE-2024-21900 MEDIUM This Month

An injection vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Qnap Qts Quts Hero Qutscloud
NVD
CVSS 3.1
6.5
EPSS
9.4%
CVE-2024-21899 CRITICAL POC THREAT Act Now

An improper authentication vulnerability has been reported to affect several QNAP operating system versions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Qnap Qts Quts Hero Qutscloud
NVD
CVSS 3.1
9.8
EPSS
24.4%
CVE-2023-45044 LOW Monitor

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 3.1
3.8
EPSS
0.1%
CVE-2023-45043 LOW Monitor

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 3.1
3.8
EPSS
0.1%
CVE-2023-45042 LOW Monitor

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 3.1
3.8
EPSS
0.1%
CVE-2023-45041 LOW Monitor

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 3.1
3.8
EPSS
0.1%
CVE-2023-45040 LOW Monitor

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 3.1
3.8
EPSS
0.1%
CVE-2023-45039 LOW Monitor

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 3.1
3.8
EPSS
0.1%
CVE-2023-39296 HIGH POC This Week

A prototype pollution vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Prototype Pollution Qnap Qts Quts Hero
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-39294 MEDIUM This Month

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Qnap Qts Quts Hero
NVD
CVSS 3.1
6.6
EPSS
0.1%
CVE-2023-32975 HIGH This Week

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2023-32968 HIGH This Week

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2023-23372 MEDIUM This Month

A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qnap XSS Qts Quts Hero
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2023-23367 HIGH This Week

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap Command Injection Qts Quts Hero Qutscloud
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2023-39301 MEDIUM This Month

A server-side request forgery (SSRF) vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap SSRF Qts Quts Hero Qutscloud
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2023-23368 CRITICAL Act Now

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qnap Command Injection Qts Quts Hero Qutscloud
NVD
CVSS 3.1
9.8
EPSS
18.7%
CVE-2023-32974 HIGH This Week

A path traversal vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qnap Path Traversal Information Disclosure Qts Quts Hero +1
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-32973 HIGH This Week

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero Qutscloud
NVD
CVSS 3.1
7.2
EPSS
0.5%
CVE-2023-32970 MEDIUM This Month

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Qnap Qts Quts Hero +1
NVD
CVSS 3.1
4.9
EPSS
0.5%
CVE-2023-32972 HIGH This Week

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero Qutscloud
NVD
CVSS 3.1
7.2
EPSS
0.5%
CVE-2023-32971 HIGH This Week

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts Quts Hero Qutscloud
NVD
CVSS 3.1
7.2
EPSS
0.5%
CVE-2023-23362 HIGH This Week

An OS command injection vulnerability has been reported to affect QNAP operating systems. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap Command Injection Qts Quts Hero Qutscloud
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2023-34973 MEDIUM This Month

An insufficient entropy vulnerability has been reported to affect QNAP operating systems. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qnap Information Disclosure Qts Quts Hero
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-34972 MEDIUM This Month

A cleartext transmission of sensitive information vulnerability has been reported to affect QNAP operating systems. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qnap Information Disclosure Qts Quts Hero
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2023-34971 HIGH This Week

An inadequate encryption strength vulnerability has been reported to affect QNAP operating systems. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qnap Information Disclosure Qts Quts Hero
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2023-23355 HIGH This Week

An OS command injection vulnerability has been reported to affect QNAP operating systems. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap Command Injection Qvr Qts Quts Hero +8
NVD
CVSS 3.1
7.2
EPSS
1.2%
CVE-2021-34343 HIGH This Week

A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap RCE Memory Corruption Qts +2
NVD
CVSS 3.1
7.2
EPSS
1.9%
CVE-2021-28816 HIGH This Week

A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap RCE Memory Corruption Qts +2
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2021-28804 CRITICAL Act Now

A command injection vulnerabilities have been reported to affect QTS and QuTS hero. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qnap Command Injection Qts Quts Hero
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2021-28802 CRITICAL Act Now

A command injection vulnerabilities have been reported to affect QTS and QuTS hero. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qnap Command Injection Qts Quts Hero
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2021-28806 MEDIUM This Month

A DOM-based XSS vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap XSS Qts Quts Hero Qutscloud
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-28798 HIGH This Week

A relative path traversal vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Qnap Qts Quts Hero
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2020-25847 HIGH This Week

This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap Command Injection Qts Quts Hero
NVD
CVSS 3.1
8.8
EPSS
2.5%
CVE-2020-2498 MEDIUM This Month

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in certificate configuration. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Quts Hero Qts
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2020-2497 MEDIUM This Month

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in System Connection Logs. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Quts Hero Qts
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-2496 MEDIUM This Month

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Quts Hero Qts
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-2495 MEDIUM This Month

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Quts Hero Qts
NVD
CVSS 3.1
6.1
EPSS
1.0%
EPSS 0% CVSS 5.3
MEDIUM This Month

An exposure of sensitive information vulnerability has been reported to affect product. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qts Quts Hero
NVD
EPSS 20% CVSS 8.7
HIGH This Week

A link following vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Qnap Qts +1
NVD
EPSS 0% CVSS 2.1
LOW Monitor

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Qnap Qts +1
NVD
EPSS 1% CVSS 2.1
LOW Monitor

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Qnap Qts +1
NVD
EPSS 1% CVSS 8.7
HIGH This Week

A command injection vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Qnap Qts +1
NVD
EPSS 0% CVSS 8.7
HIGH This Week

An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Qnap Qts +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Qnap Qts +1
NVD
EPSS 0% CVSS 2.3
LOW Monitor

An improper handling of URL encoding (Hex Encoding) vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qnap Qts +1
NVD
EPSS 0% CVSS 7.3
HIGH This Week

An improper certificate validation vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qnap Qts +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

An improper authentication vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Qnap Qts +1
NVD
EPSS 1% CVSS 2.1
LOW Monitor

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Qnap Qts +1
NVD
EPSS 1% CVSS 2.1
LOW Monitor

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Qnap Qts +1
NVD
EPSS 1% CVSS 2.1
LOW Monitor

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Qnap Qts +1
NVD
EPSS 1% CVSS 2.1
LOW Monitor

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Qnap Qts +1
NVD
EPSS 1% CVSS 7.7
HIGH This Week

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Qnap Qts +1
NVD
EPSS 1% CVSS 7.7
HIGH This Week

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qnap Qts +1
NVD
EPSS 1% CVSS 5.1
MEDIUM This Month

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts +1
NVD
EPSS 1% CVSS 5.1
MEDIUM This Month

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts +1
NVD
EPSS 1% CVSS 5.1
MEDIUM This Month

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Qnap +2
NVD
EPSS 1% CVSS 5.1
MEDIUM This Month

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts +1
NVD
EPSS 1% CVSS 2.1
LOW Monitor

A path traversal vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Qnap +2
NVD
EPSS 1% CVSS 5.1
MEDIUM This Month

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Qnap +2
NVD
EPSS 1% CVSS 5.1
MEDIUM This Month

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts +1
NVD
EPSS 1% CVSS 5.1
MEDIUM This Month

A path traversal vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Qnap +2
NVD
EPSS 1% CVSS 5.1
MEDIUM This Month

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Qnap +2
NVD
EPSS 1% CVSS 5.1
MEDIUM This Month

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts +1
NVD
EPSS 1% CVSS 7.3
HIGH This Week

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.3), this vulnerability is no authentication required. No vendor patch available.

Command Injection Qnap Qts +1
NVD
EPSS 0% CVSS 2.4
LOW Monitor

An improper restriction of excessive authentication attempts vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qnap Qts +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts +1
NVD
EPSS 1% CVSS 4.7
MEDIUM This Month

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Qnap Qts +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A path traversal vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Qnap +2
NVD
EPSS 1% CVSS 4.7
MEDIUM This Month

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Qnap Qts +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Qnap Qts +1
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Qnap Qts +1
NVD
EPSS 0% CVSS 4.2
MEDIUM This Month

A vulnerability has been reported to affect Network & Virtual Switch. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qts Quts Hero
NVD
EPSS 38% CVSS 8.8
HIGH This Week

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A double free vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Qnap Qts +1
NVD
EPSS 0% CVSS 8.1
HIGH This Week

An incorrect permission assignment for critical resource vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Qnap Qts +1
NVD
EPSS 2% CVSS 10.0
CRITICAL Act Now

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Qnap Qts +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Command Injection Qnap Qts +2
NVD
EPSS 0% CVSS 8.2
HIGH This Week

An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Qnap +3
NVD
EPSS 9% CVSS 6.5
MEDIUM This Month

An injection vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Qnap Qts +2
NVD
EPSS 24% CVSS 9.8
CRITICAL POC THREAT Act Now

An improper authentication vulnerability has been reported to affect several QNAP operating system versions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Qnap Qts +2
NVD
EPSS 0% CVSS 3.8
LOW Monitor

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts +1
NVD
EPSS 0% CVSS 3.8
LOW Monitor

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts +1
NVD
EPSS 0% CVSS 3.8
LOW Monitor

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts +1
NVD
EPSS 0% CVSS 3.8
LOW Monitor

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts +1
NVD
EPSS 0% CVSS 3.8
LOW Monitor

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts +1
NVD
EPSS 0% CVSS 3.8
LOW Monitor

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts +1
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

A prototype pollution vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Prototype Pollution Qnap +2
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Qnap Qts +1
NVD
EPSS 1% CVSS 7.2
HIGH This Week

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts +1
NVD
EPSS 1% CVSS 7.2
HIGH This Week

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts +1
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qnap XSS Qts +1
NVD
EPSS 1% CVSS 7.2
HIGH This Week

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap Command Injection Qts +2
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A server-side request forgery (SSRF) vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap SSRF Qts +2
NVD
EPSS 19% CVSS 9.8
CRITICAL Act Now

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qnap Command Injection Qts +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A path traversal vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qnap Path Traversal Information Disclosure +3
NVD
EPSS 1% CVSS 7.2
HIGH This Week

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts +2
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Qnap +3
NVD
EPSS 1% CVSS 7.2
HIGH This Week

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts +2
NVD
EPSS 1% CVSS 7.2
HIGH This Week

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap Qts +2
NVD
EPSS 1% CVSS 8.8
HIGH This Week

An OS command injection vulnerability has been reported to affect QNAP operating systems. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap Command Injection Qts +2
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

An insufficient entropy vulnerability has been reported to affect QNAP operating systems. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qnap Information Disclosure Qts +1
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A cleartext transmission of sensitive information vulnerability has been reported to affect QNAP operating systems. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qnap Information Disclosure Qts +1
NVD
EPSS 0% CVSS 8.8
HIGH This Week

An inadequate encryption strength vulnerability has been reported to affect QNAP operating systems. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qnap Information Disclosure Qts +1
NVD
EPSS 1% CVSS 7.2
HIGH This Week

An OS command injection vulnerability has been reported to affect QNAP operating systems. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap Command Injection Qvr +10
NVD
EPSS 2% CVSS 7.2
HIGH This Week

A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap RCE +4
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Qnap RCE +4
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

A command injection vulnerabilities have been reported to affect QTS and QuTS hero. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qnap Command Injection Qts +1
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

A command injection vulnerabilities have been reported to affect QTS and QuTS hero. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qnap Command Injection Qts +1
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

A DOM-based XSS vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap XSS Qts +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A relative path traversal vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Qnap Qts +1
NVD
EPSS 3% CVSS 8.8
HIGH This Week

This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qnap Command Injection Qts +1
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in certificate configuration. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Quts Hero Qts
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in System Connection Logs. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Quts Hero Qts
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Quts Hero Qts
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Quts Hero Qts
NVD
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy