qnap

613 tracked vulnerabilities.

CVE-2023-50363 HIGH
QNAP QTS and QuTS hero - Authenticated Authorization Bypass via Network
Apr 26, 2024
CVSS 7.4
EPSS 0.00
CVE-2023-50362 MEDIUM
QNAP QTS and QuTS hero - Authenticated Remote Code Execution via Stack-based Buffer Overflow
Apr 26, 2024
CVSS 5.0
EPSS 0.00
CVE-2023-50361 MEDIUM
QNAP QTS and QuTS hero - Authenticated Remote Code Execution via Stack-based Buffer Overflow
Apr 26, 2024
CVSS 5.0
EPSS 0.00
CVE-2023-47222 CRITICAL
QNAP Media Streaming add-on >=500.1.1.0 <500.1.1.5 - Exposure of Sensitive Information via Network
Apr 26, 2024
CVSS 9.6
EPSS 0.00
CVE-2023-41291 MEDIUM
QuFirewall < 2.4.1 - Authenticated Path Traversal and Sensitive Data Exposure
Apr 26, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-41290 MEDIUM
QuFirewall < 2.4.1 - Authenticated Path Traversal
Apr 26, 2024
CVSS 4.1
EPSS 0.00
CVE-2023-47221 MEDIUM
QNAP Photo Station 6.4.0-6.4.1 - Authenticated Path Traversal
Mar 08, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-34980 MEDIUM
QNAP QTS 4.5.1-4.5.4.2626 and QuTS hero h4.5.0-h4.5.4.2625 - Authenticated OS Command Injection
Mar 08, 2024
CVSS 5.9
EPSS 0.00
CVE-2023-32969 MEDIUM
QNAP Network & Virtual Switch - Authenticated Stored Cross-Site Scripting
Mar 08, 2024
CVSS 4.9
EPSS 0.00
CVE-2023-50358 MEDIUM
QNAP QTS 4.2.0-4.2.5 - OS Command Injection
Feb 13, 2024
CVSS 5.8
EPSS 0.02
CVE-2023-47218 MEDIUM NUCLEI
QNAP QTS 5.1.0-5.1.5.2645 and QuTS hero h5.1.0-h5.1.5.2647 and QuTScloud c5.0.0.1919-c5.1.5.2651 - OS Command Injection
Feb 13, 2024
CVSS 5.8
EPSS 0.93
CVE-2023-50359 LOW
QNAP QTS and QuTS hero - Unchecked Return Value Leading to Denial of Service
Feb 02, 2024
CVSS 3.4
EPSS 0.00
CVE-2023-47568 HIGH
QNAP QTS and QuTS hero - Authenticated SQL Injection
Feb 02, 2024
CVSS 8.8
EPSS 0.00
CVE-2023-47567 MEDIUM
QNAP QTS and QuTS hero - Authenticated OS Command Injection
Feb 02, 2024
CVSS 4.7
EPSS 0.00
CVE-2023-47566 MEDIUM
QNAP QTS, QuTS hero, and QuTScloud - Authenticated OS Command Injection
Feb 02, 2024
CVSS 6.7
EPSS 0.00
CVE-2023-47564 HIGH
Qsync Central 4.3.0.0-4.3.0.10 - Authenticated Incorrect Permission Assignment for Critical Resource
Feb 02, 2024
CVSS 8.0
EPSS 0.08
CVE-2023-47562 HIGH
QNAP Photo Station 6.4.0-6.4.1 - Authenticated OS Command Injection
Feb 02, 2024
CVSS 7.4
EPSS 0.00
CVE-2023-47561 MEDIUM
QNAP Photo Station 6.4.0-6.4.1 - Authenticated Stored Cross-Site Scripting
Feb 02, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-45037 LOW
QNAP QTS, QuTS hero, and QuTScloud - Authenticated Remote Code Execution via Buffer Overflow
Feb 02, 2024
CVSS 3.8
EPSS 0.00
CVE-2023-45036 LOW
QNAP QTS and QuTS hero < 5.1.3.2578 and QuTScloud < 5.1.5.2651 - Authenticated Buffer Overflow
Feb 02, 2024
CVSS 3.8
EPSS 0.00
CVE-2023-45035 LOW
QNAP QTS and QuTS hero < 5.1.4.2596 and QuTScloud < 5.1.5.2651 - Authenticated Buffer Overflow
Feb 02, 2024
CVSS 3.8
EPSS 0.00
CVE-2023-45028 MEDIUM
QNAP QTS, QuTS hero, and QuTScloud - Authenticated Denial of Service via Resource Consumption
Feb 02, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-45027 MEDIUM
QNAP QTS, QuTS hero, and QuTScloud - Authenticated Path Traversal and Sensitive Data Exposure
Feb 02, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-45026 MEDIUM
QNAP QTS, QuTS hero, and QuTScloud - Authenticated Path Traversal and Sensitive Data Exposure
Feb 02, 2024
CVSS 5.5
EPSS 0.00
CVE-2023-45025 CRITICAL
QNAP QTS and QuTS hero - OS Command Injection
Feb 02, 2024
CVSS 9.0
EPSS 0.00
Products
qts 272 quts_hero 223 qsync_central 62 qutscloud 62 file_station 48 photo_station 26 video_station 15 media_streaming_add-on 13 music_station 13 qurouter 12 helpdesk 11 qumagie 10 qvr 10 qulog_center 8 nas_proxy_server 7 q\'center 7 hybrid_backup_sync 6 notes_station_3 6 qvr_pro 6 license_center 5 multimedia_console 5 qunetswitch 5 qvr_elite 5 qvr_guard 5 qes 4 download_station 3 qcalagent 3 qufirewall 3 qvp-21a_firmware 3 qvp-41a_firmware 3
Quick Filters
Critical CVEs With Exploits In CISA KEV