578 matches found
CVE-2023-47564
An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the following versions: Qsync...
Code injection
An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the following versions: Qsync...
CVE-2023-47564 Qsync Central
An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the following versions: Qsync...
CVE-2023-47564 Qsync Central
An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the following versions: Qsync...
CVE-2023-47564
CVE-2023-47564 affects Qsync Central, caused by an incorrect permission assignment for a critical resource. If exploited, authenticated users could read or modify the resource over the network. Fixed in Qsync Central 4.4.0.15+ (2024/01/04) and 4.3.0.11+ (2024/01/11+). Remediation: upgrade to 4.4....
QNAP Multiple Product Security Vulnerabilities
QNAP Systems QuTScloud and others are products of China Weilian Technology QNAP Systems.QNAP Systems QuTScloud is a cloud-optimized version of the QNAP NAS operating system.QNAP Systems QTS is an operating system for entry- to mid-range QNAP NAS use. QNAP Systems QuTS hero is an operating system....
PT-2023-8518 · Qnap · Qsync Central
Name of the Vulnerable Software and Affected Versions: Qsync Central versions prior to 4.3.0.11 Qsync Central versions prior to 4.4.0.15 Description: The issue is related to an incorrect permission assignment for a critical resource in Qsync Central. This could allow an authenticated user to read...
QNAP QTS Qsync Central Cross-Site Scripting Vulnerability
QNAP QTS is a Turbo NAS operating system from QNAP Systems that provides file storage, management, backup, multimedia applications and security monitoring. It provides file storage, management, backup, multimedia applications and security monitoring, etc. Qsync Central is one of the cloud-based...
Cross site scripting
Cross-site scripting vulnerability in QTS 4.2.6 build 20180711, QTS 4.3.3: Qsync Central 3.0.2, QTS 4.3.4: Qsync Central 3.0.3, QTS 4.3.5: Qsync Central 3.0.4 and earlier versions could allow remote attackers to inject Javascript code in the compromised application...
CVE-2018-0716
Cross-site scripting vulnerability in QTS 4.2.6 build 20180711, QTS 4.3.3: Qsync Central 3.0.2, QTS 4.3.4: Qsync Central 3.0.3, QTS 4.3.5: Qsync Central 3.0.4 and earlier versions could allow remote attackers to inject Javascript code in the compromised application...
CVE-2018-0716
CVE-2018-0716 is a cross-site scripting vulnerability affecting QNAP QTS components, notably QTS 4.2.6 build 20180711 and QTS 4.3.x series (Qsync Central 3.0.2–3.0.4 and earlier). The underlying issue allows remote attackers to inject JavaScript in the compromised application. The connected docum...
CVE-2018-0716
Cross-site scripting vulnerability in QTS 4.2.6 build 20180711, QTS 4.3.3: Qsync Central 3.0.2, QTS 4.3.4: Qsync Central 3.0.3, QTS 4.3.5: Qsync Central 3.0.4 and earlier versions could allow remote attackers to inject Javascript code in the compromised application...
QNAP Qsync for Windows DLL Hijacking Vulnerability
QNAP Qsync for Windows exe is a Windows-based application from QNAP Systems for synchronizing files in a QNAP NAS storage device. A DLL hijacking vulnerability exists in QNAP Qsync for Windows exe versions 4.2.2.0724 and earlier. A remote attacker can exploit this vulnerability to execute arbitra...
CVE-2017-13070
A DLL Hijacking vulnerability in QNAP Qsync for Windows exe version 4.2.2.0724 and earlier could allow remote attackers to execute arbitrary code on Windows machines...
CVE-2017-13070
A DLL Hijacking vulnerability in QNAP Qsync for Windows exe version 4.2.2.0724 and earlier could allow remote attackers to execute arbitrary code on Windows machines...
Spoofing
A DLL Hijacking vulnerability in QNAP Qsync for Windows exe version 4.2.2.0724 and earlier could allow remote attackers to execute arbitrary code on Windows machines...
CVE-2017-13070
The provided documents confirm a DLL hijacking vulnerability in QNAP Qsync for Windows (exe) versions 4.2.2.0724 and earlier, where an attacker could remotely execute arbitrary code on Windows machines. Affected component: QNAP Qsync for Windows. Root cause: DLL hijacking vulnerability. Impact: r...
CVE-2017-13070
A DLL Hijacking vulnerability in QNAP Qsync for Windows exe version 4.2.2.0724 and earlier could allow remote attackers to execute arbitrary code on Windows machines...