Qts Security Vulnerabilities and Issues — Qts CVE List

Lucene search

QnapQts

9 matches found

CVE•added 2022/05/05 5:15 p.m.•87 views

CVE-2021-38693

A path traversal vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero, QTS, QVR Pro Appliance. If exploited, this vulnerability allows attackers to read the contents of unexpected files and expose sensitive data. We have already fixed this vulnerability in the followin...

5.3CVSS5.1AI score0.00269EPSS

CVE•added 2021/06/03 3:15 a.m.•78 views

CVE-2021-28806

A DOM-based XSS vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attackers to inject malicious code. This issue affects: QNAP Systems Inc. QTS versions prior to 4.5.3.1652 Build 20210428. QNAP Systems Inc. QuTS hero versions prior...

5.7CVSS5.3AI score0.00247EPSS

CVE•added 2023/08/24 5:15 p.m.•46 views

CVE-2023-34973

An insufficient entropy vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote users to predict secret via unspecified vectors. We have already fixed the vulnerability in the following versions:QTS 5.0.1.2425 build 20230609 and later...

5.3CVSS4.6AI score0.00197EPSS

CVE•added 2018/11/27 9:0 p.m.•41 views

CVE-2018-0719

Cross-site Scripting (XSS) vulnerability in NAS devices of QNAP Systems Inc. QTS allows attackers to inject javascript. This issue affects: QNAP Systems Inc. QTS version 4.2.6 and prior versions on build 20180711; version 4.3.3 and prior versions on build 20180725; version 4.3.4 and prior versions ...

5.5CVSS5.4AI score0.00226EPSS

CVE•added 2018/03/27 9:29 p.m.•37 views

CVE-2017-7630

QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier allows remote attackers to obtain potentially sensitive information (firmware version and running services) via a request to sysinfoReq.cgi.

5.3CVSS5AI score0.0023EPSS

CVE•added 2024/02/02 4:15 p.m.•37 views

CVE-2023-45026

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in th...

5.5CVSS5.6AI score0.00057EPSS

CVE•added 2024/02/02 4:15 p.m.•37 views

CVE-2023-45027

5.5CVSS5.6AI score0.00057EPSS

CVE•added 2024/02/02 4:15 p.m.•35 views

CVE-2023-45028

An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. We have already fixed the vulnerability in the fo...

5.5CVSS4.9AI score0.00035EPSS

CVE•added 2024/02/02 4:15 p.m.•28 views

CVE-2023-41274

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. We have already fixed the vulnerability in the following ve...

5.5CVSS5.8AI score0.00047EPSS