CVE-2023-39298

A missing authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local authenticated users to access data or perform actions that they should not be allowed to perform via unspecified vectors. QuTScloud, is not...

CVE-2023-34974 QTS, QuTS hero, QuTScloud, QVR, QES

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. QuTScloud, QVR, QES are not affected. We have already fixed the vulnerability in the following versions: Q...

QNAP QuTScloud Multiple Vulnerabilities (QSA-24-14, QSA-24-16)

QNAP QuTScloud is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qutscloud"; ifdescripti...

CVE-2023-51365

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions:...

CVE-2024-27124

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later...

CVE-2023-51365 QTS, QuTS hero, QuTScloud

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions:...

CVE-2024-21905

CVE-2024-21905 is an integer overflow/wraparound vulnerability affecting QNAP QTS, QuTS Hero, and QuTScloud. The issue could allow an attacker to compromise the system remotely over the network. Affected/confirmed versions include QTS 5.1.3.2578 build 20231110 and later, QuTS Hero h5.1.3.2578 bui...

CVE-2024-27124 QTS, QuTS hero, QuTScloud

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later...

CVE-2024-27124

CVE-2024-27124 is an OS command injection vulnerability affecting QNAP QTS, QuTS hero, and QuTScloud. Exploitation could allow an attacker to execute arbitrary commands over the network, with no required privileges and user interaction needed. The issue has been fixed in: QTS 5.1.3.2578+ (build 2...

CVE-2024-32766 QTS, QuTS hero, QuTScloud

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later...

CVE-2024-32766 QTS, QuTS hero, QuTScloud

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later...

QNAP多款产品 命令注入漏洞

QNAP Systems QuTScloud and others are products of China Weilian Technology QNAP Systems.QNAP Systems QuTScloud is a cloud-optimized version of the QNAP NAS operating system.QNAP Systems QTS is an operating system for entry- to mid-level QNAP NAS use. QNAP Systems QuTS hero is an operating system....

QNAP Systems 多款产品路径遍历漏洞

QNAP Systems QuTScloud and others are products of China's Weilian Technology QNAP Systems.QNAP Systems QuTScloud is a cloud-optimized version of the QNAP NAS operating system.QNAP Systems QTS is an operating system for entry- to mid-range QNAP NAS use. QNAP Systems QuTS hero is an operating syste...

QNAP Systems QTS、QuTS hero和QuTScloud 输入验证错误漏洞

QNAP Systems QuTScloud and others are products of China-based Weilian Technology QNAP Systems.QNAP Systems QuTScloud is a cloud-optimized version of the QNAP NAS operating system.QNAP Systems QTS is an operating system for entry- to mid-range QNAP NAS use. QNAP Systems QuTS hero is an operating...

PT-2024-14092

Name of the Vulnerable Software and Affected Versions QNAP QTS versions prior to 5.1.4.2596 build 20231128 QNAP QTS versions prior to 4.5.4.2627 build 20231225 QNAP QuTS hero versions prior to h5.1.3.2578 build 20231110 QNAP QuTS hero versions prior to h4.5.4.2626 build 20231225 QNAP QuTScloud...

The vulnerability of the Quick.cgi file allows attackers to execute arbitrary commands on QTS, QuTS hero, and QuTScloud operating systems for network devices from Qnap.

The vulnerability of the Quick.cgi file exists in operating systems such as QTS, QuTS Hero, and QuTScloud, as well as in networking devices from Qnap. This vulnerability stems from the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this...

The vulnerability of QTS, QuTS hero, and QuTScloud network devices from Qnap operating systems arises from the failure to eliminate special elements used in the operating system’s command set. This allows attackers to execute arbitrary commands.

The vulnerability of QTS, QuTS hero, and QuTScloud network devices from QNAP operating systems is related to the failure to take measures to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands...

Vulnerability of QTS, QuTS hero, and QuTScloud network devices from Qnap: a vulnerability related to writing data beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of QTS, QuTS Hero, and QuTScloud network devices from QNAP operating systems is related to writing data beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Vulnerability of QTS, QuTS hero, and QuTScloud network devices from Qnap: a vulnerability related to writing data beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of QTS, QuTS Hero, and QuTScloud network devices from QNAP operating systems is related to writing data beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

QNAP QuTScloud Multiple Vulnerabilities (QSA-24-09)

QNAP QuTScloud is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qutscloud"; ifdescripti...