CVE-2018-0728

This improper access control vulnerability in Helpdesk allows attackers to access the system logs. To fix the vulnerability, QNAP recommend updating QTS and Helpdesk to their latest versions...

QNAP Helpdesk 跨站脚本漏洞

QNAP Systems Helpdesk is a helpdesk application from China-based QNAP Systems. A cross-site scripting vulnerability exists in QNAP Helpdesk version 3.3.1 and prior versions, which stems from the inclusion of a cross-site scripting vulnerability. An attacker can exploit this vulnerability to injec...

VulnCheck KEV: CVE-2020-2506

QNAP Helpdesk contains an improper access control vulnerability which could allow an attacker to gain privileges or to read sensitive information...

CVE-2020-2506

The vulnerability have been reported to affect earlier versions of QTS. If exploited, this improper access control vulnerability could allow attackers to compromise the security of the software by gaining privileges, or reading sensitive information. This issue affects: QNAP Systems Inc. Helpdesk...

CVE-2020-2506 improper access control vulnerability in Helpdesk

The vulnerability have been reported to affect earlier versions of QTS. If exploited, this improper access control vulnerability could allow attackers to compromise the security of the software by gaining privileges, or reading sensitive information. This issue affects: QNAP Systems Inc. Helpdesk...

Qnap Systems QNAP Systems Helpdesk 操作系统命令注入漏洞

Qnap Systems QNAP Systems Helpdesk is a helpdesk application from China Wizlink Qnap Systems. An Access Control Error vulnerability exists in QNAP Systems Inc. Helpdesk versions prior to 3.0.3, which arises from improper access control and can be exploited by an attacker to gain control of a QNAP...

Multiple QNAP Products NAS-201911-20 Multiple Security Vulnerabilities

Description Multiple QNAP products are prone to multiple security vulnerabilities. An attacker may leverage these issues to execute arbitrary commands or gain unauthorized access to the affected device. Technologies Affected Qnap Helpdesk 1.0.06 Qnap Helpdesk 1.1.01 Qnap Helpdesk 1.2.0 Qnap...

CVE-2018-0714

Command injection vulnerability in Helpdesk versions 1.1.21 and earlier in QNAP QTS 4.2.6 build 20180531, QTS 4.3.3 build 20180528, QTS 4.3.4 build 20180528 and their earlier versions could allow remote attackers to run arbitrary commands in the compromised application...

QNAP HelpDesk 1.1.12 - SQL Injection

QNAP HelpDesk 1.1.12 - SQL Injection Vulnerability Summary The following advisory describes a SQL injection found in QTS Helpdesk versions 1.1.12 and earlier. QNAP helpdesk: “Starting from QTS 4.2.2 you can use the built-in Helpdesk app to directly submit help requests to QNAP from your NAS. To d...