CVE-2025-59382

CVE-2025-59382 affects QTS, QuTS hero, QuTScloud and QVP (QVR Pro appliances). The connected documents state these products are not affected by the vulnerability, and that the vulnerability has been fixed in a following version. No exploit details, affected subcomponents, or specific versions are...

Qnap QTS and QuTS hero Uncontrolled Resource Consumption (CVE-2022-27600)

An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to launch a denial-of- service DoS attack. We have already fixed the vulnerability in the following versions: QTS...

Qnap QTS and QuTS hero Integer Overflow or Wraparound (CVE-2024-21905)

An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following versions: QTS...

EUVD-2018-11628

Malware in sbrugna...

QNAP 多款产品操作系统命令注入漏洞

QNAP Systems QuTScloud and others are products of China Weilian Technology QNAP Systems.QNAP Systems QuTScloud is a cloud-optimized version of the QNAP NAS operating system.QNAP Systems QTS is an operating system for entry- to mid-range QNAP NAS use. QNAP Systems QuTS hero is an operating system...

QNAP多款产品 命令注入漏洞

QNAP Systems QuTScloud and others are products of China Weilian Technology QNAP Systems.QNAP Systems QuTScloud is a cloud-optimized version of the QNAP NAS operating system.QNAP Systems QTS is an operating system for entry- to mid-level QNAP NAS use. QNAP Systems QuTS hero is an operating system....

PT-2024-3225

Name of the Vulnerable Software and Affected Versions QTS versions prior to 5.1.3.2578 build 20231110 QTS versions prior to 4.5.4.2627 build 20231225 QuTS hero versions prior to h5.1.3.2578 build 20231110 QuTS hero versions prior to h4.5.4.2626 build 20231225 QuTScloud versions prior to c5.1.5.26...

PT-2024-12372 · Qnap · Qutscloud +2

Name of the Vulnerable Software and Affected Versions: QuTScloud versions prior to 5.1.5.2651 QTS versions prior to 5.1.4.2596 build 20231128 QuTS hero versions prior to 5.1.4.2596 build 20231128 Description: A cross-site scripting XSS vulnerability has been reported to affect Network & Virtual...

QNAP Systems Multiple Product Licensing Issues Vulnerabilities

QNAP Systems QuTScloud and others are products of China Weilian Technology QNAP Systems.QNAP Systems QuTScloud is a cloud-optimized version of the QNAP NAS operating system.QNAP Systems QTS is an operating system for entry- to mid-range QNAP NAS use. QNAP Systems QuTS hero is an operating system...

The vulnerability of QTS, QuTS hero, and QuTScloud network devices from Qnap operating systems arises from incorrect path name restrictions for access-controlled catalogs. This allows attackers to exploit the vulnerabilities to disclose protected information.

The vulnerability of QTS, QuTS Hero, and QuTScloud network devices from QNAP operating systems is related to incorrect path name restrictions in the restricted access catalog. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

The vulnerability of QTS and QuTScloud network devices from QNAP operating systems stems from deficiencies in authentication procedures, allowing attackers to escalate their privileges.

The vulnerabilities of QTS and QuTScloud network devices from QNAP are related to deficiencies in authentication procedures. Exploiting these vulnerabilities can allow attackers to gain increased privileges remotely...

Vulnerability of QuTS hero, QTS, and QuTScloud network devices: commands that allow attackers to execute arbitrary commands

The vulnerability of the QuTS hero, QTS, and QuTScloud network devices from operating systems is related to the possibility of executing commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

CVE-2023-47218

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later...

The vulnerability of the QTS, QuTS hero, and QuTScloud operating systems for QNAP network devices stems from the lack of measures to neutralize special elements, allowing attackers to execute arbitrary commands.

The vulnerability of the QTS, QuTS hero, and QuTScloud operating systems for QNAP network devices is related to the lack of measures taken to neutralize specific elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the QTS, QuTS hero, and QuTScloud operating systems for QNAP network devices arises from copying buffers without checking the size of the input data. This allows attackers to execute arbitrary code.

The vulnerability of the QTS, QuTS hero, and QuTScloud operating systems for QNAP network devices is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the QTS, QuTS hero, and QuTScloud operating systems for QNAP network devices arises from copying buffers without checking the size of the input data. This allows attackers to execute arbitrary code.

The vulnerability of the QTS, QuTS hero, and QuTScloud operating systems for QNAP network devices is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Vulnerability of QTS, QuTS hero, QuTScloud network devices from Qnap operating systems, allowing attackers to execute arbitrary commands.

The vulnerability of QTS, QuTS Hero, and QuTScloud network devices from QNAP operating systems exists due to the lack of measures taken to neutralize the special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary comman...

CVE-2023-47566

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645...

CVE-2023-45026

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in...

CVE-2023-45035

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...