qnap

613 tracked vulnerabilities.

CVE-2024-53698 MEDIUM
QNAP QTS and QuTS hero - Double Free
Mar 07, 2025
CVSS 4.9
EPSS 0.00
CVE-2024-53697 HIGH
QNAP QTS and QuTS hero - Out-of-bounds Write
Mar 07, 2025
CVSS 7.2
EPSS 0.00
CVE-2024-53696 MEDIUM
QuLog Center 1.7.0-1.7.0.828, QTS 4.5.1-4.5.4.2956, QuTS hero h4.5.0-h4.5.4.2475 - SSRF
Mar 07, 2025
CVSS 4.9
EPSS 0.00
CVE-2024-53695 CRITICAL
QNAP HBS 3 Hybrid Backup Sync 25.1.0.627-25.1.4.952 - Stack-based Buffer Overflow
Mar 07, 2025
CVSS 9.1
EPSS 0.01
CVE-2024-53693 HIGH
QNAP QTS and QuTS hero - CRLF Injection
Mar 07, 2025
CVSS 7.1
EPSS 0.00
CVE-2024-53692 MEDIUM
QNAP QTS and QuTS hero - Authenticated OS Command Injection
Mar 07, 2025
CVSS 4.7
EPSS 0.00
CVE-2024-50405 MEDIUM
QNAP OS <5.2.3.3006 - CRLF Injection
Mar 07, 2025
CVSS 5.5
EPSS 0.00
CVE-2024-50394 HIGH
QNAP Helpdesk 3.3.1-3.3.2 - Improper Certificate Validation
Mar 07, 2025
CVSS 8.8
EPSS 0.00
CVE-2024-50390 CRITICAL
Qnap Qurouter - Command Injection
Mar 07, 2025
CVSS 9.8
EPSS 0.01
CVE-2024-48864 CRITICAL
File Station 5 <5.5.6.4741 - Info Disclosure
Mar 07, 2025
CVSS 9.1
EPSS 0.00
CVE-2024-38638 HIGH
QNAP QTS and QuTS hero - Out-of-bounds Write
Mar 07, 2025
CVSS 7.2
EPSS 0.00
CVE-2024-13086 MEDIUM
QNAP QTS and QuTS hero - Exposure of Sensitive Information
Mar 07, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-53691 HIGH
QNAP QTS and QuTS hero - Link Following via File System Traversal
Dec 06, 2024
CVSS 8.8
EPSS 0.48
CVE-2024-50404 HIGH
Qsync Central 4.4.0-4.4.0.15 - Authenticated Path Traversal via Symbolic Link
Dec 06, 2024
CVSS 8.8
EPSS 0.44
CVE-2024-50403 HIGH
QNAP QTS and QuTS hero - Use of Externally-Controlled Format String
Dec 06, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-50402 HIGH
QNAP QTS and QuTS hero - Use of Externally-Controlled Format String
Dec 06, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-50393 CRITICAL
QNAP QTS and QuTS hero - OS Command Injection
Dec 06, 2024
CVSS 9.8
EPSS 0.04
CVE-2024-50389 CRITICAL
QuRouter < 2.4.5.032 - SQL Injection
Dec 06, 2024
CVSS 9.8
EPSS 0.02
CVE-2024-50388 CRITICAL
HBS 3 Hybrid Backup Sync < 25.1.1.673 - OS Command Injection
Dec 06, 2024
CVSS 9.8
EPSS 0.08
CVE-2024-50387 CRITICAL
QNAP SMB Service - SQL Injection
Dec 06, 2024
CVSS 9.8
EPSS 0.23
CVE-2024-48868 HIGH
QNAP QTS and QuTS hero - CRLF Injection
Dec 06, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-48867 HIGH
QNAP QTS and QuTS hero - CRLF Injection
Dec 06, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-48866 MEDIUM
QNAP QTS and QuTS hero - Denial of Service via Hex Encoding Mishandling
Dec 06, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-48865 HIGH
QNAP QTS and QuTS hero - Improper Certificate Validation
Dec 06, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-48863 CRITICAL
QNAP License Center 1.9.36-1.9.42 - OS Command Injection
Dec 06, 2024
CVSS 9.8
EPSS 0.04
Products
qts 272 quts_hero 223 qsync_central 62 qutscloud 62 file_station 48 photo_station 26 video_station 15 media_streaming_add-on 13 music_station 13 qurouter 12 helpdesk 11 qumagie 10 qvr 10 qulog_center 8 nas_proxy_server 7 q\'center 7 hybrid_backup_sync 6 notes_station_3 6 qvr_pro 6 license_center 5 multimedia_console 5 qunetswitch 5 qvr_elite 5 qvr_guard 5 qes 4 download_station 3 qcalagent 3 qufirewall 3 qvp-21a_firmware 3 qvp-41a_firmware 3
Quick Filters
Critical CVEs With Exploits In CISA KEV