Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / qnap

qnap

613 tracked vulnerabilities.

CVE-2025-29885 HIGH

File Station 5 <5.5.6.4791 - Improper Certificate Validation

CVE-2025-29884 HIGH

File Station 5 <5.5.6.4791 - Info Disclosure

CVE-2025-29883 HIGH

File Station 5 <5.5.6.4791 - Improper Certificate Validation

CVE-2025-29877 HIGH

QNAP File Station 5.5.6.4691-5.5.6.4846 - Authenticated Denial of Service via NULL Pointer Dereference

CVE-2025-29876 HIGH

QNAP File Station 5.5.6.4691-5.5.6.4846 - Authenticated Denial of Service via NULL Pointer Dereference

CVE-2025-29873 HIGH

QNAP File Station 5.5.6.4691-5.5.6.4846 - Authenticated Denial of Service via NULL Pointer Dereference

CVE-2025-29872 HIGH

QNAP File Station 5.5.6.4691-5.5.6.4846 - Authenticated Denial of Service

CVE-2025-29871 MEDIUM

File Station 5 <5.5.6.4847 - Info Disclosure

CVE-2025-22490 HIGH

QNAP File Station 5.5.6.4691-5.5.6.4846 - Authenticated Denial of Service via NULL Pointer Dereference

CVE-2025-22486 HIGH

QNAP File Station 5.5.6.4691-5.5.6.4791 - Improper Certificate Validation

CVE-2025-22482 HIGH

Qsync Central 4.5.0.3-4.5.0.5 - Authenticated Use of Externally-Controlled Format String

CVE-2025-22481 HIGH

QNAP QTS and QuTS hero - Authenticated OS Command Injection

CVE-2024-14026 HIGH

QNAP QTS/QuTS hero - Command Injection

CVE-2024-14025 MEDIUM

Video Station <5.8.2 - SQL Injection

CVE-2024-14024 MEDIUM

QNAP Video Station 5.0.0-5.8.1 - Improper Certificate Validation

CVE-2024-56808 HIGH

Media Streaming add-on <500.1.1.6 - Command Injection

CVE-2024-56807 MEDIUM

Media Streaming add-on <500.1.1.6 - Info Disclosure

CVE-2024-56804 HIGH

Video Station <5.8.4 - SQL Injection

CVE-2024-12923 MEDIUM

QNAP Photo Station 6.4.0-6.4.4 - Authenticated Stored Cross-Site Scripting

CVE-2024-56805 MEDIUM

QNAP QTS and QuTS hero - Heap-based Buffer Overflow

CVE-2024-50406 MEDIUM

QNAP License Center 1.9.36-1.9.48 - Cross-Site Scripting

CVE-2024-13088 HIGH

QHora - Auth Bypass

CVE-2024-13087 MEDIUM

QHora - Command Injection

CVE-2024-53700 HIGH

Qnap Qurouter - Command Injection

CVE-2024-53699 HIGH

QNAP QTS and QuTS hero - Out-of-bounds Write

Previous Page 9 of 25 Next

Products

qts 272 quts_hero 223 qsync_central 62 qutscloud 62 file_station 48 photo_station 26 video_station 15 media_streaming_add-on 13 music_station 13 qurouter 12 helpdesk 11 qumagie 10 qvr 10 qulog_center 8 nas_proxy_server 7 q\'center 7 hybrid_backup_sync 6 notes_station_3 6 qvr_pro 6 license_center 5 multimedia_console 5 qunetswitch 5 qvr_elite 5 qvr_guard 5 qes 4 download_station 3 qcalagent 3 qufirewall 3 qvp-21a_firmware 3 qvp-41a_firmware 3

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy