CVE-2023-50364

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS...

CVE-2018-19943

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed these issues in the following QTS versions. QTS 4.4.2.1270 build 20200410 and later QTS 4.4.1.1261 build 20200330 and later QTS 4.3.6.1263 build 20200330 and later Q...

CVE-2013-6276

QNAP FVioCard 2312 and FVioGate 2308 have hardcoded entries in authorizedkeys files. NOTE: 1. All active models are not affected. The last affected model was EOL since 2010. 2. The legacy authorization mechanism is no longer adopted in all active models...

EUVD-2017-16638

Malware in sbrugna...

EUVD-2021-15465

Malware in sbrugna...

CVE-2018-19946

The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this improper certificate validation vulnerability could allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client. QNAP has already fixed the issue in...

CVE-2024-21899

An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578...

CVE-2024-48865 QTS, QuTS hero

An improper certificate validation vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow attackers with local network access to compromise the security of the system. We have already fixed the vulnerability in the following...

CVE-2023-45042

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:...

Vulnerabilities fixed in QNAP nas

QNAP has fixed vulnerabilities in nas systems. The vulnerabilities allow a malicious person to execute arbitrary code execute arbitrary code. QNAP has released updates to fix the vulnerability. More information can be found on the pages below: CVE-2021-28816 and CVE-2021-34343:...

Stubborn Malware Targets QNAP NAS Hardware Specifically

UPDATE Top-selling network attached storage devices NAS made by QNAP Systems are being singled out by attackers, who have crafted malware specifically designed for the vendor’s hardware. Researchers at the Finland’s National Cyber Security Centre NCSC-FI reported the targeted attacks late last...

QNap QVR Client 5.0.3.23100 - Denial of Service (PoC)

Exploit Title : QNap QVR Client 5.0.3.23100 - Denial of Service PoC Discovery by : Rodrigo Eduardo Rodriguez Discovery Date : 2018-08-06 Vendor Homepage: http://www.qnapsecurity.com/n/en/ Software Link : http://download.qnap.com/Surveillance/Utility/QNewMon5.zip Tested Version : 5.0.3.23100...

EUVD-2017-16851

This command injection vulnerability in QTS allows attackers to run arbitrary commands in the compromised application. QNAP have already fixed the issue in QTS 4.2.6 build 20170517, QTS 4.3.3.0174 build 20170503 and later versions...