qnap
635 tracked vulnerabilities.
CVE-2021-28806
MEDIUM
QNAP QTS < 4.5.3.1652 and QuTS hero < h4.5.2.1638 and QuTScloud < c4.5.5.1656 - DOM-based Cross-Site Scripting
Jun 03, 2021
CVSS 5.7
EPSS 0.01
CVE-2021-28798
HIGH
QNAP QTS 4.3.2.0144-4.3.3.1624 and QuTS hero < h4.5.2.1638 - Relative Path Traversal
May 21, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-28799
CRITICAL
KEVNUCLEI
QNAP HBS 3 - Broken Access Control
May 13, 2021
CVSS 10.0
EPSS 0.78
CVE-2021-28797
CRITICAL
QNAP Surveillance Station < 5.1.5.3.3 - Stack-based Buffer Overflow
Apr 14, 2021
CVSS 9.8
EPSS 0.06
CVE-2020-36196
MEDIUM
QuLog Center < 1.2.0 - Stored Cross-Site Scripting
Jul 01, 2021
CVSS 6.1
EPSS 0.01
CVE-2020-36194
MEDIUM
QNAP QTS < 4.5.2.1566 and QuTS hero < h4.5.2.1638 - Cross-Site Scripting
Jul 01, 2021
CVSS 6.1
EPSS 0.01
CVE-2020-36198
MEDIUM
QNAP Malware Remover < 4.6.1.0 - Remote Command Injection
May 13, 2021
CVSS 6.7
EPSS 0.01
CVE-2020-36197
HIGH
QNAP Music Station < 5.3.16 - Improper Access Control
May 13, 2021
CVSS 7.1
EPSS 0.18
CVE-2020-36195
CRITICAL
QNAP QTS - SQL Injection via Multimedia Console or Media Streaming Add-on
Apr 17, 2021
CVSS 9.8
EPSS 0.02
CVE-2020-2509
CRITICAL
KEV
QTS < 4.2.6 - OS Command Injection
Apr 17, 2021
CVSS 9.8
EPSS 0.33
CVE-2020-2502
MEDIUM
QNAP Photo Station < 6.0.11 - Cross-Site Scripting
Feb 17, 2021
CVSS 6.1
EPSS 0.01
CVE-2020-2501
CRITICAL
QNAP Surveillance Station < 5.1.5.3.3 - Stack-based Buffer Overflow
Feb 17, 2021
CVSS 9.8
EPSS 0.03
CVE-2020-2507
CRITICAL
QNAP Helpdesk < 3.0.3 - Remote Command Injection
Feb 03, 2021
CVSS 9.8
EPSS 0.03
CVE-2020-2506
HIGH
KEV
QNAP Helpdesk < 3.0.3 - Improper Access Control
Feb 03, 2021
CVSS 7.3
EPSS 0.02
CVE-2020-2508
HIGH
QNAP QTS < 4.5.1.1456 and QuTS hero < h4.5.1.1472 - OS Command Injection
Jan 11, 2021
CVSS 7.2
EPSS 0.02
CVE-2020-25847
HIGH
QNAP QTS < 4.5.1.1495 and QuTS hero < h4.5.1.1491 - OS Command Injection
Dec 29, 2020
CVSS 8.8
EPSS 0.03
CVE-2020-2505
LOW
QNAP QES < 2.1.1 - Information Disclosure via Error Message Generation
Dec 24, 2020
CVSS 2.3
EPSS 0.00
CVE-2020-2504
MEDIUM
QNAP QES < 2.1.1 - Path Traversal in File Station
Dec 24, 2020
CVSS 5.8
EPSS 0.01
CVE-2020-2503
CRITICAL
QNAP QES < 2.1.1 - Stored Cross-Site Scripting in File Station
Dec 24, 2020
CVSS 9.0
EPSS 0.01
CVE-2020-2499
MEDIUM
QES < 2.1.1 - Unauthenticated Hard-Coded Password Bypass
Dec 24, 2020
CVSS 6.3
EPSS 0.01
CVE-2020-2498
MEDIUM
QNAP QTS and QuTS hero - Stored Cross-Site Scripting in Certificate Configuration
Dec 10, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-2497
MEDIUM
QNAP QTS and QuTS hero - Stored Cross-Site Scripting in System Connection Logs
Dec 10, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-2496
MEDIUM
QNAP QTS and QuTS hero - Cross-Site Scripting in File Station
Dec 10, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-2495
MEDIUM
QNAP QTS and QuTS hero - Cross-Site Scripting in File Station
Dec 10, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-2494
MEDIUM
QNAP Music Station < 5.3.13 - Cross-Site Scripting
Dec 10, 2020
CVSS 6.1
EPSS 0.01
Products
qts 283
quts_hero 234
qsync_central 62
qutscloud 62
file_station 54
photo_station 26
video_station 15
media_streaming_add-on 13
music_station 13
qumagie 13
qurouter 12
helpdesk 11
qvr 10
qulog_center 8
nas_proxy_server 7
q\'center 7
hybrid_backup_sync 6
license_center 6
notes_station_3 6
qvr_pro 6
multimedia_console 5
qunetswitch 5
qvr_elite 5
qvr_guard 5
qes 4
download_station 3
qcalagent 3
qufirewall 3
qvp-21a_firmware 3
qvp-41a_firmware 3
Quick Filters