Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Quts Hero Security Vulnerabilities - 2020

cve
cve

CVE-2018-19941

A vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows an attacker to access sensitive information stored in cleartext inside cookies via certain widely-available tools. QNAP have already fixed this vulnerability in the following versions: QTS 4.5.1.1456 build...

7.5CVSS

7.2AI Score

0.002EPSS

2020-12-31 05:15 PM
37
2
cve
cve

CVE-2019-7198

This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build 20201015 and later QTS 4.4...

9.8CVSS

9.8AI Score

0.002EPSS

2020-12-10 04:15 AM
40
cve
cve

CVE-2020-2495

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QANP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build 20201015 and...

6.1CVSS

6.5AI Score

0.001EPSS

2020-12-10 04:15 AM
45
2
cve
cve

CVE-2020-2496

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QANP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build 20201015 and...

6.1CVSS

6.5AI Score

0.001EPSS

2020-12-10 04:15 AM
41
3
cve
cve

CVE-2020-2497

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in System Connection Logs. QANP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build 20...

6.1CVSS

6.2AI Score

0.001EPSS

2020-12-10 04:15 AM
39
2
cve
cve

CVE-2020-2498

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in certificate configuration. QANP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build...

6.1CVSS

6.2AI Score

0.001EPSS

2020-12-10 04:15 AM
39
cve
cve

CVE-2020-25847

This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions of QTS and QuTS hero.

8.8CVSS

9.1AI Score

0.001EPSS

2020-12-30 12:00 AM
92
24