A buffer copy without checking size of input vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote users to execute code via unspecified vectors. We have already fixed the vulnerability in the following versions:Multimedia Console 2...
9.8CVSS
9.6AI Score
0.005EPSS
A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version:Music Station ...
7.7CVSS
6AI Score
0.001EPSS
A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version:Music Station ...
7.7CVSS
6AI Score
0.001EPSS
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions:QTS 5.0.1.2376 buil...
7.2CVSS
7.2AI Score
0.001EPSS
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions:QTS 5.0.1.2376 build 20230421 and laterQTS...
9.8CVSS
9.6AI Score
0.001EPSS
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions:Multimedia Console 2.1.2 ( 2023/05/04 ) an...
9.8CVSS
9.7AI Score
0.001EPSS
An insufficiently protected credentials vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to gain access to user accounts and access sensitive data used by the user account via unspecified vectors. We have al...
6.7CVSS
4.7AI Score
0.0004EPSS
A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to read sensitive data via unspecified vectors. We have already fixed the vulnerability in the following ver...
5.2CVSS
4.3AI Score
0.0004EPSS
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following versions:QTS 5.0.1.2425 build 20230609 an...
6.5CVSS
5.8AI Score
0.0005EPSS
An OS command injection vulnerability has been reported to affect QUSBCam2. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following version:QUSBCam2 2.0.3 ( 2023/06/15 ) and later
8.8CVSS
8.8AI Score
0.001EPSS
An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to bypass intended access restrictions via a network.QTS 5.x, QuTS hero are not affected. We have already fixed the vulnerabil...
6.5CVSS
6.5AI Score
0.0005EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:QT...
7.2CVSS
7AI Score
0.001EPSS
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network.QES is not affected. We have already fixed the vulnerability...
4.9CVSS
5.7AI Score
0.001EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:QT...
7.2CVSS
7AI Score
0.001EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:QT...
7.2CVSS
7AI Score
0.001EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:QT...
7.2CVSS
7.1AI Score
0.001EPSS
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions:QT...
7.5CVSS
7.2AI Score
0.001EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:QT...
7.2CVSS
7AI Score
0.001EPSS
An OS command injection vulnerability has been reported to affect Container Station. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following version:Container Station 2.6.7.44 and later
7.2CVSS
7.2AI Score
0.001EPSS
An inadequate encryption strength vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows local network clients to decrypt the data using brute force attacks via unspecified vectors. We have already fixed the vulnerability in the following v...
8.8CVSS
8.4AI Score
0.0005EPSS
A cleartext transmission of sensitive information vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows local network clients to read the contents of unexpected sensitive data via unspecified vectors. We have already fixed the vulnerabilit...
6.5CVSS
6.1AI Score
0.001EPSS
An insufficient entropy vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote users to predict secret via unspecified vectors. We have already fixed the vulnerability in the following versions:QTS 5.0.1.2425 build 20230609 and later...
5.3CVSS
5.8AI Score
0.001EPSS
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network.QuTScloud, QVR, QES are not affected. We have already fixed the vulnerability in the following versions:QTS 4...
8.8CVSS
9AI Score
0.001EPSS
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network.QuTScloud c5.1.x is not affected. We have already fixed the vulnerability in the follo...
8.8CVSS
8.8AI Score
0.001EPSS
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version:Video Station 5.7.0 ( 2023/07/27 ) and later
8.8CVSS
8.7AI Score
0.001EPSS
A cross-site scripting (XSS) vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version:Video Station 5.7.0 ( 2023/07/27 ) and later
5.4CVSS
5.7AI Score
0.0005EPSS
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions:QTS 4.5.4.2790 buil...
7.2CVSS
6.8AI Score
0.001EPSS
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions:QTS 5.1.3.2578 buil...
7.2CVSS
7.8AI Score
0.0005EPSS
An OS command injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version:QuMagie 2.1.3 and later
8.8CVSS
8.7AI Score
0.001EPSS
A prototype pollution vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to override existing attributes with ones that have incompatible type, which may lead to a crash via a network. We have already fixed the vulnera...
7.5CVSS
8.4AI Score
0.0005EPSS
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions:QTS 5.1.4.2596 build 2023112...
8.8CVSS
9.3AI Score
0.0005EPSS
A missing authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local authenticated users to access data or perform actions that they should not be allowed to perform via unspecified vectors.QuTScloud, is not affe...
7.8CVSS
7.4AI Score
0.0004EPSS
A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions:Music Station 4.8.11 and la...
7.5CVSS
7.2AI Score
0.001EPSS
An OS command injection vulnerability has been reported to affect legacy QTS. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions:QTS 4.3.6.2805 build 20240619 and laterQTS 4.3....
7.2CVSS
7.2AI Score
0.001EPSS
A server-side request forgery (SSRF) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to read application data via a network. We have already fixed the vulnerability in the following versions:QTS 5.0.1....
4.3CVSS
4.3AI Score
0.0004EPSS
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions:QTS 5.1.3.2578 buil...
7.2CVSS
8.5AI Score
0.0005EPSS
An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following versions:QTS 5.1.3.2578 bui...
9.8CVSS
9.3AI Score
0.001EPSS
A heap-based buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:QTS 5.1.2.2533 bui...
7.2CVSS
7.1AI Score
0.001EPSS
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. We have already fixed the vulnerability in the following ve...
5.5CVSS
5.8AI Score
0.0004EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:QT...
7.2CVSS
7.2AI Score
0.001EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:QT...
7.2CVSS
7.2AI Score
0.001EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:QT...
7.2CVSS
7.2AI Score
0.001EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:QT...
7.2CVSS
7.2AI Score
0.001EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:QT...
7.2CVSS
7.2AI Score
0.001EPSS
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:QT...
7.2CVSS
7.2AI Score
0.001EPSS
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions:QTS 5.1.4.2596 buil...
7.2CVSS
7.4AI Score
0.0005EPSS
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions:QTS 5.1.4.2596 buil...
7.2CVSS
7.4AI Score
0.0005EPSS
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions:QTS 5.1.4.2596 buil...
7.2CVSS
7.4AI Score
0.0005EPSS
A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version:QuMagie 2.1.4 and later
8.8CVSS
8.7AI Score
0.001EPSS
A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version:QuMagie 2.1.4 and later
8.8CVSS
8.7AI Score
0.001EPSS