QNAP Remote Code Execution

QNAP proof of concept stack overflow remote code execution exploit. This has been addressed in versions QTS 5.1.7.2770 build 20240520, hero h5.1.7.2770 build 20240520 and above...

QNAP QTS curl Vulnerability (QSA-24-27)

QNAP QTS is prone to a heap buffer overflow vulnerability in curl. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts";...

CVE-2024-5241

A vulnerability was found in Huashi Private Cloud CDN Live Streaming Acceleration Server up to 20240520. It has been classified as critical. Affected is an unknown function of the file /manager/ipconfignew.php. The manipulation of the argument dev leads to os command injection. It is possible to...

Huashi Private Cloud CDN Live Streaming Acceleration Server 操作系统命令注入漏洞

Huashi Private Cloud CDN Live Streaming Acceleration Server is a live streaming acceleration service from China Huashi. An OS command injection vulnerability exists in Huashi Private Cloud CDN Live Streaming Acceleration Server version 20240520 and earlier versions, which stems from a gross misus...

PT-2024-4543 · Qnap · Qts +1

Name of the Vulnerable Software and Affected Versions: QTS versions prior to 5.1.7.2770 build 20240520 QuTS hero versions prior to h5.1.7.2770 build 20240520 Description: A buffer copy without checking the size of input issue has been reported to affect several QNAP operating system versions. If...

PT-2024-4538 · Qnap · Qnap Qts +1

Name of the Vulnerable Software and Affected Versions: QNAP QTS versions prior to 5.1.7.2770 build 20240520 QNAP QuTS hero versions prior to h5.1.7.2770 build 20240520 Description: A buffer copy without checking the size of input issue has been reported, potentially allowing authenticated users t...