qnap

613 tracked vulnerabilities.

CVE-2018-0715 MEDIUM
QNAP Photo Station <= 5.7.0 - Cross-Site Scripting
Aug 27, 2018
CVSS 6.1
EPSS 0.07
CVE-2018-0714 CRITICAL
QNAP Helpdesk < 1.1.21 - Remote Command Injection
Aug 13, 2018
CVSS 9.8
EPSS 0.06
CVE-2018-0710 HIGH
QNAP Q'center < 1.7.1063 - Authenticated OS Command Injection via SSH
Jul 17, 2018
CVSS 8.8
EPSS 0.16
CVE-2018-0709 HIGH
QNAP Q'center < 1.7.1063 - Authenticated OS Command Injection via Date Parameter
Jul 17, 2018
CVSS 8.8
EPSS 0.29
CVE-2018-0708 HIGH
QNAP Q'center < 1.7.1063 - Authenticated OS Command Injection
Jul 17, 2018
CVSS 8.8
EPSS 0.42
CVE-2018-0707 HIGH
QNAP Q'center < 1.7.1063 - Authenticated OS Command Injection via Change Password
Jul 17, 2018
CVSS 7.2
EPSS 0.75
CVE-2018-0706 HIGH
QNAP Q'center Virtual Appliance <1.7.1063 - Info Disclosure
Jul 17, 2018
CVSS 8.8
EPSS 0.61
CVE-2018-0712 CRITICAL
QNAP QTS < 4.3.4 - Command Injection in LDAP Server
Jun 21, 2018
CVSS 9.8
EPSS 0.03
CVE-2018-0711 MEDIUM
QNAP QTS - Cross-Site Scripting
Apr 30, 2018
CVSS 6.1
EPSS 0.00
CVE-2017-20210 CRITICAL
QNAP Photo Station 5.4.1 & 5.2.7 - Exposure of Sensitive Information
Nov 11, 2025
CVSS 9.8
EPSS 0.00
CVE-2017-13072 MEDIUM
QNAP QTS - Cross-Site Scripting in App Center
Jun 21, 2018
CVSS 6.1
EPSS 0.00
CVE-2017-7639 MEDIUM
QNAP NAS Proxy Server < 1.3.0 - Improper Authentication
Jun 05, 2018
CVSS 5.3
EPSS 0.00
CVE-2017-7637 CRITICAL
QNAP NAS <1.2.0 - Command Injection
Jun 05, 2018
CVSS 9.8
EPSS 0.03
CVE-2017-7636 MEDIUM
QNAP NAS Proxy Server <= 1.2.0 - Cross-Site Scripting
Jun 05, 2018
CVSS 6.1
EPSS 0.00
CVE-2017-7635 HIGH
QNAP NAS Proxy Server < 1.3.0 - Cross-Site Request Forgery
Jun 05, 2018
CVSS 8.8
EPSS 0.00
CVE-2017-13073 MEDIUM
QNAP Photo Station < 5.2.7 - Cross-Site Scripting
Apr 23, 2018
CVSS 6.1
EPSS 0.00
CVE-2017-7632 MEDIUM
QNAP QTS - Cross-Site Scripting in File Station
Mar 27, 2018
CVSS 6.1
EPSS 0.00
CVE-2017-7631 MEDIUM
QNAP QTS 4.2.6 build 20171026 and earlier - Cross-Site Scripting in File Station Share Link Function
Mar 27, 2018
CVSS 6.1
EPSS 0.00
CVE-2017-7630 MEDIUM
QNAP QTS <4.2.6-4.3.3 - Info Disclosure
Mar 27, 2018
CVSS 5.3
EPSS 0.00
CVE-2017-7641 HIGH
QNAP NAS - Media Streaming <430.1.2.0 - CSRF
Mar 08, 2018
CVSS 8.8
EPSS 0.00
CVE-2017-7640 CRITICAL
QNAP Media Streaming add-on < 430.1.2.0 - Remote Code Execution
Mar 08, 2018
CVSS 9.8
EPSS 0.02
CVE-2017-7638 MEDIUM
QNAP Media Streaming add-on <= 430.1.2.0 - Improper Authentication
Mar 08, 2018
CVSS 6.5
EPSS 0.00
CVE-2017-7634 MEDIUM
QNAP NAS - Media Streaming add-on <430.1.2.0 - XSS
Mar 08, 2018
CVSS 6.1
EPSS 0.00
CVE-2017-7633 HIGH
QNAP Qfinder Pro <6.1.0.0317 - Info Disclosure
Mar 05, 2018
CVSS 7.5
EPSS 0.00
CVE-2017-17033 CRITICAL
QNAP QTS <4.3.4.0387 - Buffer Overflow
Dec 21, 2017
CVSS 9.8
EPSS 0.06
Products
qts 272 quts_hero 223 qsync_central 62 qutscloud 62 file_station 48 photo_station 26 video_station 15 media_streaming_add-on 13 music_station 13 qurouter 12 helpdesk 11 qumagie 10 qvr 10 qulog_center 8 nas_proxy_server 7 q\'center 7 hybrid_backup_sync 6 notes_station_3 6 qvr_pro 6 license_center 5 multimedia_console 5 qunetswitch 5 qvr_elite 5 qvr_guard 5 qes 4 download_station 3 qcalagent 3 qufirewall 3 qvp-21a_firmware 3 qvp-41a_firmware 3
Quick Filters
Critical CVEs With Exploits In CISA KEV