Lucene search
K

108 matches found

Tenable Nessus
Tenable Nessus
added 2024/10/16 12:0 a.m.26 views

Qnap QTS OS Command Injection (CVE-2023-39300)

An OS command injection vulnerability has been reported to affect legacy QTS. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 4.3.6.2805 build 20240619 and later QTS...

7.2CVSS5.7AI score0.01212EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/10/16 12:0 a.m.13 views

Qnap QTS Stack-based Buffer Overflow (CVE-2023-41278)

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...

7.2CVSS7.5AI score0.00547EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/10/16 12:0 a.m.15 views

Qnap QTS Classic Buffer Overflow (CVE-2024-27129)

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following version: QTS...

8.8CVSS6.3AI score0.00695EPSS
Exploits0References2
NVD
NVD
added 2024/09/06 5:15 p.m.41 views

CVE-2024-21903

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722...

6.6CVSS0.00801EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/06 4:27 p.m.25 views

CVE-2024-21906 QTS, QuTS hero

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.8.2823...

4.7CVSS0.00815EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/06 4:27 p.m.16 views

CVE-2023-34979 QTS, QuTS hero

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 4.5.4.2790...

6.6CVSS7.6AI score0.01073EPSS
Exploits0References1
CVE
CVE
added 2024/09/06 4:27 p.m.61 views

CVE-2023-34974

The CVE-2023-34974 entry is an OS command injection affecting QNAP QTS and QTS Hero (QTS versions prior to 4.5.4.2790 build 20240605 and later, and QuTS Hero prior to h4.5.4.2626 build 20231225 and later). QuTScloud, QVR, and QES are not affected. Root cause is a network-exposed command-injection...

8.8CVSS9AI score0.00938EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/09/06 4:27 p.m.29 views

CVE-2023-34974 QTS, QuTS hero, QuTScloud, QVR, QES

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. QuTScloud, QVR, QES are not affected. We have already fixed the vulnerability in the following versions: Q...

8.8CVSS7.7AI score0.00938EPSS
Exploits0References1
CVE
CVE
added 2024/09/06 4:27 p.m.89 views

CVE-2023-39300

The CVE-2023-39300 entry concerns QNAP QTS OS command injection in legacy QTS. Affected are QTS versions prior to 4.3.6.2805 (build 20240619), prior to 4.3.4.2814 (build 20240618), prior to 4.3.3.2784 (build 20240619), and prior to 4.2.6 (build 20240618). The vulnerability stems from insufficient...

7.2CVSS7.2AI score0.01212EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/09/06 4:26 p.m.48 views

CVE-2024-21903 QTS, QuTS hero

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722...

6.6CVSS0.00801EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/06 4:26 p.m.19 views

CVE-2024-21903 QTS, QuTS hero

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722...

6.6CVSS7.6AI score0.00801EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/06 4:26 p.m.21 views

CVE-2024-21898 QTS, QuTS hero

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build...

8.8CVSS7.6AI score0.01214EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/09/06 4:26 p.m.16 views

CVE-2023-51367 QTS, QuTS hero

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build...

5.4CVSS7.4AI score0.00391EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/06 12:0 a.m.5 views

QNAP Systems QTS 操作系统命令注入漏洞

QNAP Systems QTS is an operating system used by China Weilian Technology QNAP Systems for entry to mid-level QNAP NAS. An operating system command injection vulnerability exists in QNAP Systems QTS version 4.3.6.2805 build 20240619 and prior versions, which stems from the inclusion of an operatin...

7.2CVSS7.8AI score0.01212EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/03 2:32 a.m.14 views

CVE-2023-47220 Media Streaming add-on

An OS command injection vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.5...

6.6CVSS7AI score0.01191EPSS
Exploits0References1
NVD
NVD
added 2024/04/26 3:15 p.m.27 views

CVE-2024-27124

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later...

7.5CVSS7.8AI score0.01436EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/26 3:0 p.m.9 views

CVE-2024-27124 QTS, QuTS hero, QuTScloud

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later...

7.5CVSS7.7AI score0.01436EPSS
Exploits0References1
CVE
CVE
added 2024/04/26 3:0 p.m.68 views

CVE-2024-27124

CVE-2024-27124 is an OS command injection vulnerability affecting QNAP QTS, QuTS hero, and QuTScloud. Exploitation could allow an attacker to execute arbitrary commands over the network, with no required privileges and user interaction needed. The issue has been fixed in: QTS 5.1.3.2578+ (build 2...

7.5CVSS7.8AI score0.01436EPSS
Exploits0References1Affected Software3
Cvelist
Cvelist
added 2024/04/26 3:0 p.m.38 views

CVE-2024-27124 QTS, QuTS hero, QuTScloud

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later...

7.5CVSS8AI score0.01436EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/26 3:0 p.m.16 views

CVE-2024-32766 QTS, QuTS hero, QuTScloud

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later...

10CVSS7.8AI score0.02315EPSS
Exploits0References1
Rows per page
Query Builder