qnap

613 tracked vulnerabilities.

CVE-2023-41289 MEDIUM
QcalAgent <1.1.8 - Command Injection
Jan 05, 2024
CVSS 6.3
EPSS 0.00
CVE-2023-41288 HIGH
Video Station <5.7.2 - Command Injection
Jan 05, 2024
CVSS 8.8
EPSS 0.00
CVE-2023-41287 MEDIUM
Video Station <5.7.2 - SQL Injection
Jan 05, 2024
CVSS 4.3
EPSS 0.00
CVE-2023-39296 HIGH
QNAP QTS and QuTS hero - Prototype Pollution via Network Request
Jan 05, 2024
CVSS 7.5
EPSS 0.00
CVE-2023-39294 MEDIUM
QNAP QTS and QuTS hero - Authenticated OS Command Injection
Jan 05, 2024
CVSS 6.6
EPSS 0.00
CVE-2023-47565 HIGH KEV
QVR Firmware 4.0.0-4.x - Authenticated OS Command Injection
Dec 08, 2023
CVSS 8.0
EPSS 0.87
CVE-2023-32975 MEDIUM
QNAP QTS and QuTS hero - Authenticated Remote Code Execution via Buffer Overflow
Dec 08, 2023
CVSS 4.9
EPSS 0.00
CVE-2023-32968 MEDIUM
QNAP QTS and QuTS hero - Authenticated Remote Code Execution via Buffer Overflow
Dec 08, 2023
CVSS 4.5
EPSS 0.00
CVE-2023-23372 MEDIUM
QNAP QTS and QuTS hero - Stored Cross-Site Scripting
Dec 08, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-41285 HIGH
QuMagie < 2.1.4 - Authenticated SQL Injection
Nov 10, 2023
CVSS 7.4
EPSS 0.00
CVE-2023-41284 HIGH
QuMagie < 2.1.4 - Authenticated SQL Injection
Nov 10, 2023
CVSS 7.4
EPSS 0.00
CVE-2023-39295 HIGH
QuMagie < 2.1.4 - Authenticated OS Command Injection
Nov 10, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-23367 MEDIUM
QNAP QTS, QuTS hero, and QuTScloud - Authenticated OS Command Injection
Nov 10, 2023
CVSS 4.7
EPSS 0.00
CVE-2023-39301 MEDIUM
QNAP QTS < 5.1.1.2491 - Authenticated Server-Side Request Forgery
Nov 03, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-39299 HIGH
QNAP Music Station 4.8.0-4.8.10 - Path Traversal and Sensitive Data Exposure
Nov 03, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-23369 CRITICAL
QNAP QTS - OS Command Injection via Network
Nov 03, 2023
CVSS 9.0
EPSS 0.12
CVE-2023-23368 CRITICAL
QNAP QTS and QuTS - OS Command Injection
Nov 03, 2023
CVSS 9.8
EPSS 0.04
CVE-2023-23373 HIGH
QUSBCam2 >=2.0.0 <2.0.3 - OS Command Injection via Network
Oct 20, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-34977 MEDIUM
QNAP Video Station < 2023.07.27 - Authenticated Cross-Site Scripting
Oct 13, 2023
CVSS 4.6
EPSS 0.00
CVE-2023-34976 CRITICAL
QNAP Video Station < 5.7.0 - Authenticated SQL Injection
Oct 13, 2023
CVSS 10.0
EPSS 0.00
CVE-2023-34975 MEDIUM
QNAP Video Station < 5.7.0 - Authenticated OS Command Injection
Oct 13, 2023
CVSS 6.6
EPSS 0.00
CVE-2023-32976 MEDIUM
QNAP Container Station < 2.6.7.44 - Authenticated OS Command Injection
Oct 13, 2023
CVSS 6.6
EPSS 0.00
CVE-2023-32974 HIGH
QNAP QTS 5.1.0-5.1.0.2443, QuTS hero h5.1.0-h5.1.0.2423, QuTScloud c5.0.0.1919-c5.1.0.2497 - Path Traversal
Oct 13, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-32973 LOW
QNAP QTS 4.5.1-4.5.4.2467 - Authenticated Stack-based Buffer Overflow
Oct 13, 2023
CVSS 3.8
EPSS 0.00
CVE-2023-32970 MEDIUM
QNAP QTS 4.5.1-4.5.4.2467 and QTS 5.1.0-5.1.0.2444 - Authenticated Denial of Service via NULL Pointer Dereference
Oct 13, 2023
CVSS 4.9
EPSS 0.00
Products
qts 272 quts_hero 223 qsync_central 62 qutscloud 62 file_station 48 photo_station 26 video_station 15 media_streaming_add-on 13 music_station 13 qurouter 12 helpdesk 11 qumagie 10 qvr 10 qulog_center 8 nas_proxy_server 7 q\'center 7 hybrid_backup_sync 6 notes_station_3 6 qvr_pro 6 license_center 5 multimedia_console 5 qunetswitch 5 qvr_elite 5 qvr_guard 5 qes 4 download_station 3 qcalagent 3 qufirewall 3 qvp-21a_firmware 3 qvp-41a_firmware 3
Quick Filters
Critical CVEs With Exploits In CISA KEV