38 matches found
EUVD-2020-22292
Malware in sbrugna...
EUVD-2020-22296
Malware in sbrugna...
EUVD-2020-22298
Malware in sbrugna...
EUVD-2014-9236
Malware in sbrugna...
EUVD-2020-22297
Malware in sbrugna...
CVE-2023-23355
An OS command injection vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote authenticated administrators to execute commands via unspecified vectors. QES is not affected. We have already fixed the vulnerability in the following...
Qnap QTS NULL Pointer Dereference (CVE-2023-32970)
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service DoS attack via a network. QES is not affected. We have already fixed the vulnerabilit...
Qnap QES Cross-site Scripting (CVE-2020-2503)
If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later. This plugin only works with Tenable.ot. Please visit...
Qnap QES Generation of Error Message Containing Sensitive Information (CVE-2020-2505)
If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mo...
Qnap QES Path Traversal (CVE-2020-2504)
If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Qnap QES Use of Hard-coded Credentials (CVE-2020-2499)
A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later. This plugin only works with Tenable.ot...
CVE-2023-34974
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. QuTScloud, QVR, QES are not affected. We have already fixed the vulnerability in the following versions: Q...
CVE-2023-34974 QTS, QuTS hero, QuTScloud, QVR, QES
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. QuTScloud, QVR, QES are not affected. We have already fixed the vulnerability in the following versions: Q...
CVE-2023-23355 QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances), QVR
An OS command injection vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote authenticated administrators to execute commands via unspecified vectors. QES is not affected. We have already fixed the vulnerability in the following...
QNAP QES Installed
Binary data qnapqesinstalled.nbin...
QNAP QTS/QES/QuTS hero - Web Detection
Binary data qnapqtsqutsherowebdetect.nbin...
QNAP QES Directory Traversal Vulnerability
QNAP QES is a desktop operating system mainly used for managing files by QNAP China. A directory traversal vulnerability exists in QNAP QES, which can be exploited by a remote attacker to submit a special request to obtain sensitive information...
CVE-2020-2505
If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later...
CVE-2020-2499
A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later...
CVE-2020-2503
If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later...