Lucene search
K

20 matches found

Zero Day Initiative
Zero Day Initiative
added 2026/03/30 12:0 a.m.7 views

(Pwn2Own) QNAP QHora-322 qvpn_db_mgr role_type Improper Neutralization of Escape Sequences Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected QNAP QHora-322 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the roletype parameter...

6.3CVSS6AI score0.00184EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2026/03/30 12:0 a.m.4 views

(Pwn2Own) QNAP QHora-322 ip6_wanifset Improper Restriction of Communication Channel to Intended Endpoints Firewall Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass firewall rules on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of firewall rules. The issue results from failing to...

6.3CVSS5.5AI score0.00281EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2026/03/30 12:0 a.m.7 views

(Pwn2Own) QNAP QHora-322 miro_webserver_controllers_api_login_singIn Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the mirowebservercontrollersapiloginsingIn function. The issue results...

5CVSS6AI score0.00229EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2026/03/30 12:0 a.m.5 views

(Pwn2Own) QNAP QHora-322 qvpn_db_mgr username SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of QNAP QHora-322 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the qvpndbmgr module...

8.8CVSS6.3AI score0.002EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2026/03/30 12:0 a.m.6 views

(Pwn2Own) QNAP QHora-322 login.newAuthMiddleware.Authenticator Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the quroutertoken parameter provided to the...

5.6CVSS5.5AI score0.00197EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/08/26 12:0 a.m.8 views

(Pwn2Own) QNAP QHora-322 miro_webserver_lib_RunExecBash Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of QNAP QHora-322 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

7.1CVSS6.7AI score0.00598EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/31 12:0 a.m.10 views

(Pwn2Own) QNAP QHora-322 IPMI Use of Weak Credentials Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IPMI interface. The issue results from the use of the WAN MAC addres...

6.3CVSS7.2AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/31 12:0 a.m.5 views

(Pwn2Own) QNAP QHora-322 backup Use of Hard-coded Cryptographic Key Privilege Escalation Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of QNAP QHora-322 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the Backup and Restore functionality. The issue results from the use of a...

8CVSS7.9AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/31 12:0 a.m.7 views

(Pwn2Own) QNAP QHora-322 do_fetch Improper Certificate Validation Vulnerability

This vulnerability allows network-adjacent attackers to compromise transport security on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dofetch method. The issue results from the lack of proper...

4.3CVSS7.1AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/31 12:0 a.m.5 views

(Pwn2Own) QNAP QHora-322 qfirewall Improper Restriction of Communication Channel to Intended Endpoints Firewall Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass firewall rules on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of firewall rules. The issue results from failing to...

5CVSS7.3AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/31 12:0 a.m.9 views

(Pwn2Own) QNAP QHora-322 SSH Use of Weak Credentials Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the default SSH credentials. The issue results from the use of the WAN M...

7.5CVSS7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/31 12:0 a.m.5 views

(Pwn2Own) QNAP QHora-322 openvpn_cli user_name SQL Injection Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability, however a specific configuration is necessary. The specific flaw exists within the openvpncli module. The issue...

8.1CVSS7.7AI score0.00833EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/31 12:0 a.m.11 views

(Pwn2Own) QNAP QHora-322 tar Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of parameters provided to the tar executable. The issue...

7.5CVSS7.2AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/31 12:0 a.m.7 views

(Pwn2Own) QNAP QHora-322 qsyslog-cli username Format String Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the username parameter provided to the qsyslog-cli...

7.5CVSS7.2AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/31 12:0 a.m.11 views

(Pwn2Own) QNAP QHora-322 local_pwd_reset HTTP Request Smuggling Vulnerability

This vulnerability allows network-adjacent attackers to smuggle arbitrary HTTP requests on affected installations of QNAP QHora-322 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within th...

6.3CVSS7.4AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/31 12:0 a.m.4 views

(Pwn2Own) QNAP QHora-322 system.db Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the storage of credentials. The issue results from the use of a hard-coded...

8.1CVSS7.2AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/31 12:0 a.m.21 views

(Pwn2Own) QNAP QHora-322 access_setting HTTP Request Smuggling Vulnerability

This vulnerability allows network-adjacent attackers to smuggle arbitrary HTTP requests on affected installations of QNAP QHora-322 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within th...

6.3CVSS7.4AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/31 12:0 a.m.9 views

(Pwn2Own) QNAP QHora-322 Improper Restriction of Communication Channel to Intended Endpoints Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of QNAP QHora-322 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the SSH daemon. The...

6.6CVSS7.6AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/31 12:0 a.m.4 views

(Pwn2Own) QNAP QHora-322 IPv6 Incorrectly Specified Destination in a Communication Channel Network Spoofing Vulnerability

This vulnerability allows network-adjacent attackers to redirect localhost traffic on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /etc/hosts file. The issue results from the router issuing DNS...

5CVSS7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/07/31 12:0 a.m.15 views

(Pwn2Own) QNAP QHora-322 lionic_dpi parseMIME Out-of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of QNAP QHora-322 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parseMIME method. The issue results from the lack of proper...

8.8CVSS7.5AI score
Exploits0References1
Rows per page
Query Builder