QNAP HBS 3 - Broken Access Control

An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 Hybrid Backup Sync. If exploited, the vulnerability allows remote attackers to log in to a device. This issue affects: QNAP Systems Inc. HBS 3 versions prior to v16.0.0415 on QTS 4.5.2; versions prior to...

CVE-2025-66280

An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the...

QNAP file station 缓冲区错误漏洞

QNAP Systems File Station 5 is a file management system developed by QNAP Systems, a company based in Taiwan, China. QNAP Systems File Station 5 has a security vulnerability that stems from a buffer overflow issue. This vulnerability could allow remote attackers to modify memory after obtaining...

QNAP qts 异常处理不当漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. There are code-related vulnerabilities in QNAP Systems QTS and QNAP Systems QuTS hero, which stem from null pointer...

QNAP Systems QTS和QNAP Systems QuTS hero 操作系统命令注入漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. Both products have an operating system command injection vulnerability. This vulnerability arises from command injections, whic...

QNAP Systems QTS和QNAP Systems QuTS hero 操作系统命令注入漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. Both products have an operating system command injection vulnerability. This vulnerability stems from command injection, which...

QNAP file station 资源管理错误漏洞

QNAP Systems File Station 6 is a file management software developed by QNAP Systems, a company based in Taiwan, China. There is a security vulnerability in QNAP Systems File Station 6, which stems from unlimited resource allocation or throttling. This vulnerability could allow remote attackers to...

QNAP QTS 输入验证错误漏洞

QNAP Systems QuTScloud is a product of QNAP Systems. It is a cloud-optimized version of the QNAP NAS operating system. QNAP Systems QTS is software with data storage and management capabilities. QNAP Systems QuTS Hero is also software with data storage and management capabilities. Several product...

QNAP qts 异常处理不当漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. There are code-related vulnerabilities in QNAP Systems QTS and QNAP Systems QuTS hero, which stem from null pointer...

QNAP QTS 路径遍历漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. Both products have path traversal vulnerabilities, which allow remote attackers to access unexpected files or system data after...

QNAP QTS 跨站脚本漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. Both products have cross-site scripting vulnerabilities. These vulnerabilities allow remote attackers to bypass security...

Qnap QTS and QuTS hero Improper Neutralization of Special Elements used in a Command (CVE-2024-14026)

A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed the vulnerability in the following versions:...

QNAP Systems Media Streaming Add-On 安全漏洞

QNAP Systems Media Streaming Add-On is an extension component developed by QNAP Systems, a company from Taiwan, China, that provides media streaming services and content distribution capabilities for network storage devices. The QNAP Systems Media Streaming Add-On has a security vulnerability,...

QNAP Systems QVR Pro 访问控制错误漏洞

QNAP Systems QVR Pro is a network video monitoring platform developed by QNAP Systems, Inc. in Taiwan, China. Versions of QNAP Systems QVR Pro prior to 2.7.4.14 contained an access control vulnerability. This vulnerability stemmed from the lack of authentication for critical functions, allowing...

QNAP Systems QuFTP Service 跨站脚本漏洞

QNAP Systems QuFTP Service is a service component provided by QNAP Systems, a company based in Taiwan, China. It offers File Transfer Protocol services and remote file access management capabilities. The QNAP Systems QuFTP Service has a cross-site scripting vulnerability. This vulnerability stems...

CVE-2025-66277

A link following vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to traverse the file system to unintended locations. We have already fixed the vulnerability in the following versions: QTS 5.2.8.3350 build...

QNAP Systems File Station 5 路径遍历漏洞

QNAP Systems File Station 5 is a file management system developed by QNAP Systems, a company based in Taiwan, China. Versions of QNAP Systems File Station 5 prior to 5.0.0.4 had a path traversal vulnerability. This vulnerability allows for the execution of arbitrary commands, potentially leading ...

QNAP Systems QTS和QNAP Systems QuTS hero 代码问题漏洞

QNAP Systems QTS and QNAP Systems QuTS Hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. There were code-related vulnerabilities in versions of QNAP Systems QTS 5.2.8.3332 build 20251128 and QNAP Systems QuTS Hero...

QNAP Systems File Station 5 安全漏洞

QNAP Systems File Station 5 is a file management system developed by QNAP Systems, a company based in Taiwan, China. Versions of QNAP Systems File Station 5 prior to 5.5.6.5068 contained security vulnerabilities. These vulnerabilities stemmed from unlimited resource allocation without any...

QNAP Systems File Station 5 缓冲区错误漏洞

QNAP Systems File Station 5 is a file management system developed by QNAP Systems, a company based in Taiwan, China. Versions of QNAP Systems File Station 5 prior to 5.5.6.5068 had a buffer error vulnerability. This vulnerability stemmed from out-of-bounds read attacks, which could lead to the...