9 matches found
EUVD-2018-11615
Malware in sbrugna...
The vulnerability of the QTS Download Station application allows attackers to execute XSS attacks on QTS operating systems and QNAP network devices.
The vulnerability of the QTS Download Station application for downloading files on QTS operating systems and QNAP network devices exists due to the lack of security measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks...
The vulnerability of the QuTS operating systems and QTS network devices from Qnap, related to an unvalidated return value, allows attackers to trigger a service failure.
The vulnerability of the QuTS operating systems and QTS network devices involves an unvalidated return value. Exploiting this vulnerability can allow attackers to cause service failures...
Vulnerability of QTS, QuTS hero, QuTScloud network devices from Qnap operating systems, allowing attackers to execute arbitrary commands.
The vulnerability of QTS, QuTS Hero, and QuTScloud network devices from QNAP operating systems exists due to the lack of measures taken to neutralize the special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary comman...
CVE-2018-19944
A cleartext transmission of sensitive information vulnerability has been reported to affect certain QTS devices. If exploited, this vulnerability allows a remote attacker to gain access to sensitive information. QNAP have already fixed this vulnerability in the following versions: QTS 4.4.3.1354...
Design/Logic Flaw
A cleartext transmission of sensitive information vulnerability has been reported to affect certain QTS devices. If exploited, this vulnerability allows a remote attacker to gain access to sensitive information. QNAP have already fixed this vulnerability in the following versions: QTS 4.4.3.1354...
CVE-2018-19944
CVE-2018-19944 : A cleartext transmission of sensitive information affects QNAP QTS devices. Public details indicate this enables a remote attacker to access sensitive information. The vulnerability has been fixed in QTS 4.4.3.1354 build 20200702 and later; organizations should upgrade to this ve...
CVE-2018-19944 Cleartext Transmission of Sensitive Information in SNMP
A cleartext transmission of sensitive information vulnerability has been reported to affect certain QTS devices. If exploited, this vulnerability allows a remote attacker to gain access to sensitive information. QNAP have already fixed this vulnerability in the following versions: QTS 4.4.3.1354...
QNAP Systems QUTS Hero and Qnap Systems QNAP QTS Cross-Site Scripting Vulnerabilities
Qnap Systems QNAP QTS is a data storage device with SAN-like storage architecture from Qnap Systems, China. The device supports tiered storage, mirror protection, and other safeguard features.QNAP Systems QUTS Hero is a NAS operating system for file management from QNAP Systems, China. The system...