QNAP Security Vulnerabilities
An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. We have already fixed the vulnerability in the fo...
5.5CVSS
4.9AI Score
0.0004EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:QT...
7.2CVSS
7.2AI Score
0.001EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:QT...
7.2CVSS
7.2AI Score
0.001EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:QT...
7.2CVSS
7.2AI Score
0.001EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:QT...
7.2CVSS
7AI Score
0.001EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:QT...
7.2CVSS
7AI Score
0.001EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:QT...
7.2CVSS
7AI Score
0.001EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:QT...
7.2CVSS
7AI Score
0.001EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:QT...
7.2CVSS
7AI Score
0.001EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:QT...
7.2CVSS
7AI Score
0.001EPSS
A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version:QuMagie 2.2.1 and later
8.8CVSS
8.7AI Score
0.001EPSS
A cross-site scripting (XSS) vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version:QuMagie 2.2.1 and later
5.5CVSS
5.8AI Score
0.0004EPSS
An OS command injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version:QuMagie 2.2.1 and later
8.8CVSS
9.1AI Score
0.0005EPSS
A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version:Photo Station 6.4.2 ( 2023/12/15 ) and later
5.5CVSS
5.6AI Score
0.0004EPSS
An OS command injection vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version:Photo Station 6.4.2 ( 2023/12/15 ) and later
8.8CVSS
8.8AI Score
0.0005EPSS
An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the following versions:Qsync Cen...
8.1CVSS
7.7AI Score
0.001EPSS
An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QVR Firmware ...
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions:QTS 5.1.5.2645 buil...
7.2CVSS
7.4AI Score
0.0005EPSS
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions:QTS 5.1.5.2645 buil...
7.2CVSS
8AI Score
0.0005EPSS
A SQL injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following versions:QTS 5.1.5.2645 build 20240116 a...
8.8CVSS
8.7AI Score
0.001EPSS
An unchecked return value vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local authenticated administrators to place the system in a state that could lead to a crash or other unintended behaviors via unspecified vectors....
6.7CVSS
6.4AI Score
0.0004EPSS
An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following versions:QTS 5.1.3.2578 bui...
9.8CVSS
9.3AI Score
0.001EPSS
An injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions:QTS 5.1.3.2578 build 20231110 and later...
6.5CVSS
6.5AI Score
0.0005EPSS
A SQL injection vulnerability has been reported to affect myQNAPcloud. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions:myQNAPcloud 1.0.52 ( 2023/11/24 ) and laterQTS 4....
4.7CVSS
5.2AI Score
0.001EPSS