7 matches found
CVE-2023-39296
A prototype pollution vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to override existing attributes with ones that have incompatible type, which may lead to a crash via a network. We have already fixed the...
Alert: New Vulnerabilities Discovered in QNAP and Kyocera Device Manager
A security flaw has been disclosed in Kyocera's Device Manager product that could be exploited by bad actors to carry out malicious activities on affected systems. "This vulnerability allows attackers to coerce authentication attempts to their own resources, such as a malicious SMB share, to...
QNAP QuTS hero Multiple Vulnerabilities (QSA-23-22, QSA-23-54, QSA-23-64)
QNAP QuTS hero is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qutshero"; ifdescriptio...
QNAP QTS / QuTS hero Vulnerability in QTS and QuTS hero (QSA-23-64)
The version of QNAP QTS / QuTS hero installed on the remote host is affected by a vulnerability as referenced in the QSA-23-64 advisory. - A prototype pollution vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to...
CVE-2023-39296
CVE-2023-39296 is a prototype pollution vulnerability affecting QNAP QTS and QuTS hero. The issue allows overriding existing attributes with incompatible types, potentially causing a crash over a network (no user interaction required). Official analysis and multiple feeds confirm the affected pro...
CVE-2023-39296 QTS, QuTS hero
A prototype pollution vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to override existing attributes with ones that have incompatible type, which may lead to a crash via a network. We have already fixed the...
CVE-2023-39296 QTS, QuTS hero
A prototype pollution vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to override existing attributes with ones that have incompatible type, which may lead to a crash via a network. We have already fixed the...