EUVD-2021-19380

Malware in sbrugna...

EUVD-2021-19379

Malware in sbrugna...

EUVD-2021-19381

Malware in sbrugna...

QSAN SANOS Injection Vulnerability

QSAN SANOS is the SAN storage management operating system from QSAN China. It comes with a refreshingly easy-to-use Web GUI and can be easily deployed into any infrastructure. An injection vulnerability exists in QSAN SANOS, which stems from the product's setting page not filtering user-entered...

Access Control Error Vulnerability in Multiple QSAN Products

QSAN SANOS is a SAN storage management operating system. QSAN XEVO is a flash data management system. QSAN Storage Manager is a NAS operating system. several QSAN products are vulnerable to an access control error that could be exploited by remote attackers to discover user credentials and gain...

Unspecified Vulnerability in QSAN SANOS

QSAN SANOS is the SAN storage management operating system from QSAN China. It comes with a refreshingly easy-to-use Web GUI and can be easily deployed into any infrastructure. A security vulnerability exists in QSAN SANOS that stems from the QSAN SANOS Restore Factory Settings feature not filteri...

QSAN Multiple Products Trust Management Issues Vulnerabilities

QSAN SANOS and others are products of QSAN China.QSAN SANOS is a SAN storage management operating system.QSAN XEVO is a flash data management system.QSAN Storage Manager is a NAS operating system. A trust management issue vulnerability exists in several QSAN products, which can be exploited by a...

QSAN SANOS and QSAN XEVO Command Injection Vulnerability

QSAN SANOS and QSAN XEVO are both products of QSAN China. QSAN SANOS is a SAN storage management operating system. It comes with a refreshingly easy-to-use Web GUI and can be easily deployed to any infrastructure.QSAN XEVO is a flash data management system. It reduces repetitive tasks and provide...

CVE-2021-32534

QSAN SANOS factory reset function does not filter special parameters. Remote attackers can use this vulnerability to inject and execute arbitrary commands without permissions. The referred vulnerability has been solved with the updated version of QSAN SANOS v2.1.0...

CVE-2021-32535

The vulnerability of hard-coded default credentials in QSAN SANOS allows unauthenticated remote attackers to obtain administrator’s permission and execute arbitrary functions. The referred vulnerability has been solved with the updated version of QSAN SANOS v2.1.0...

CVE-2021-32534

QSAN SANOS factory reset function does not filter special parameters. Remote attackers can use this vulnerability to inject and execute arbitrary commands without permissions. The referred vulnerability has been solved with the updated version of QSAN SANOS v2.1.0...

CVE-2021-32535

The vulnerability of hard-coded default credentials in QSAN SANOS allows unauthenticated remote attackers to obtain administrator’s permission and execute arbitrary functions. The referred vulnerability has been solved with the updated version of QSAN SANOS v2.1.0...

CVE-2021-32521

Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local attackers to escalate privileges. Suggest contacting with QSAN and refer to recommendations in QSAN Document...

CVE-2021-32521

Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local attackers to escalate privileges. Suggest contacting with QSAN and refer to recommendations in QSAN Document...

CVE-2021-32529

Command injection vulnerability in QSAN XEVO, SANOS allows remote unauthenticated attackers to execute arbitrary commands. Suggest contacting with QSAN and refer to recommendations in QSAN Document...

CVE-2021-32533

The QSAN SANOS setting page does not filter special parameters. Remote attackers can use this vulnerability to inject and execute arbitrary commands without permissions. The referred vulnerability has been solved with the updated version of QSAN SANOS v2.1.0...

CVE-2021-32529

Command injection vulnerability in QSAN XEVO, SANOS allows remote unauthenticated attackers to execute arbitrary commands. Suggest contacting with QSAN and refer to recommendations in QSAN Document...

CVE-2021-32533

The QSAN SANOS setting page does not filter special parameters. Remote attackers can use this vulnerability to inject and execute arbitrary commands without permissions. The referred vulnerability has been solved with the updated version of QSAN SANOS v2.1.0...

Design/Logic Flaw

The QSAN SANOS setting page does not filter special parameters. Remote attackers can use this vulnerability to inject and execute arbitrary commands without permissions. The referred vulnerability has been solved with the updated version of QSAN SANOS v2.1.0...

Command injection

Command injection vulnerability in QSAN XEVO, SANOS allows remote unauthenticated attackers to execute arbitrary commands. Suggest contacting with QSAN and refer to recommendations in QSAN Document...