MidnightBSD

Advisories for qnap

CVE-2013-0142 MEDIUM

QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance Station Pro component in QNAP NAS, have a hardcoded guest account, which allows remote attackers to obtain web-server login access via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-255

Products Affected

Vendor Product Version
qnap viostor_network_video_recorder 4.0.3
qnap surveillance_station_pro -
qnap nas -
qnap viostor_network_video_recorder -

CVE-2013-0143 MEDIUM

cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Station Pro component in QNAP NAS, allows remote authenticated users to execute arbitrary commands by leveraging guest access and placing shell metacharacters in the query string.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94

Products Affected

Vendor Product Version
qnap viostor_network_video_recorder 4.0.3
qnap surveillance_station_pro -
qnap nas -
qnap viostor_network_video_recorder -

CVE-2013-0144 MEDIUM

Cross-site request forgery (CSRF) vulnerability in cgi-bin/create_user.cgi on QNAP VioStor NVR devices with firmware 4.0.3 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts via a NEW USER action.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352

Products Affected

Vendor Product Version
qnap viostor_network_video_recorder 4.0.3
qnap viostor_network_video_recorder -

CVE-2013-5760 MEDIUM

QNAP Photo Station before firmware 4.0.3 build0912 allows remote attackers to list OS user accounts via a request to photo/p/api/list.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200

Products Affected

Vendor Product Version
qnap photo_station_firmware *
qnap photo_station -

CVE-2013-6276 MEDIUM

QNAP F_VioCard 2312 and F_VioGate 2308 have hardcoded entries in authorized_keys files. NOTE: 1. No active models are affected. The last affected model has been EOL since 2010. 2. The legacy authorization mechanism is no longer used in any active model.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-798

Products Affected

Vendor Product Version
qnap viocard-300_firmware rs_b4631
qnap viocard-30_firmware 2312_2.1.0
qnap viocard-100_firmware -
qnap viocard-300_firmware rc_b3722
qnap viogate-340_firmware 2308_2.1.0
qnap viogate-340a_firmware -

CVE-2013-6277 MEDIUM

QNAP VioCard 300 has hardcoded RSA private keys.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-798

Products Affected

Vendor Product Version
qnap viocard_300_firmware rs_b4631
qnap viocard_300_firmware rs_b3722

CVE-2013-7174 HIGH

Absolute path traversal vulnerability in cgi-bin/jc.cgi in QNAP QTS before 4.1.0 allows remote attackers to read arbitrary files via a full pathname in the f parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22

Products Affected

Vendor Product Version
qnap qts *
qnap qts 4.0

CVE-2014-5457 LOW

QNAP TS-469U with firmware 4.0.7 Build 20140410, TS-459U, TS-EC1679U-RP, and SS-839 use world-readable permissions for /etc/config/shadow, which allows local users to obtain usernames and hashed passwords by reading the password.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264

Products Affected

Vendor Product Version
qnap ts-469u_firmware 4.0.7
qnap ts-469u -
qnap ts-ec1679u-rp_firmware 4.0.7
qnap ss-839_firmware 4.0.7
qnap ts-459u_firmware 4.0.7
qnap ts-459u -
qnap ss-839 -
qnap ts-ec1679u-rp -

CVE-2014-6271 HIGH

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78

Products Affected

Vendor Product Version
f5 big-ip_application_security_manager *
f5 traffix_signaling_delivery_controller *
ibm security_access_manager_for_web_7.0_firmware 7.0.0.7
redhat enterprise_linux 7.0
redhat enterprise_linux_for_ibm_z_systems 7.5_s390x
mageia mageia 3.0
redhat enterprise_linux 4.0
f5 big-iq_cloud *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux 6.0
ibm security_access_manager_for_web_7.0_firmware 7.0.0.1
redhat enterprise_linux_for_power_big_endian_eus 7.5_ppc64
redhat enterprise_linux_for_power_big_endian 6.4_ppc64
f5 big-ip_analytics *
f5 traffix_signaling_delivery_controller 3.5.1
f5 big-ip_local_traffic_manager *
ibm software_defined_network_for_virtual_environments *
novell open_enterprise_server 2.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_eus 7.5
f5 big-ip_local_traffic_manager 11.6.0
f5 big-iq_security *
ibm qradar_vulnerability_manager 7.2.6
ibm security_access_manager_for_web_7.0_firmware 7.0.0.6
redhat enterprise_linux_server_aus 6.2
ibm qradar_security_information_and_event_manager 7.2.9
redhat enterprise_linux_for_power_big_endian 5.9_ppc
vmware esx 4.1
ibm qradar_security_information_and_event_manager 7.1.2
redhat enterprise_linux_server_tus 7.3
redhat gluster_storage_server_for_on-premise 2.1
redhat enterprise_linux_server_tus 7.7
novell zenworks_configuration_management 11.3.0
redhat enterprise_linux_for_power_big_endian 6.0_ppc64
f5 big-ip_policy_enforcement_manager 11.6.0
ibm starter_kit_for_cloud 2.2.0
redhat enterprise_linux_server_aus 7.4
citrix netscaler_sdx_firmware *
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_eus 7.7
oracle linux 4
ibm pureapplication_system *
oracle linux 6
ibm stn7800_firmware *
f5 big-ip_link_controller 11.6.0
ibm security_access_manager_for_web_7.0_firmware 7.0.0.3
f5 big-ip_edge_gateway *
vmware vcenter_server_appliance 5.1
vmware vcenter_server_appliance 5.0
redhat enterprise_linux_eus 5.9
ibm security_access_manager_for_web_7.0_firmware 7.0.0.8
ibm qradar_vulnerability_manager 7.2.8
ibm storwize_v3700_firmware *
redhat enterprise_linux_for_power_big_endian_eus 7.6_ppc64
ibm qradar_security_information_and_event_manager 7.2
f5 big-ip_wan_optimization_manager *
novell zenworks_configuration_management 11.1
suse linux_enterprise_server 12
ibm qradar_vulnerability_manager 7.2.0
ibm infosphere_guardium_database_activity_monitoring 9.1
redhat enterprise_linux_for_ibm_z_systems 6.4_s390x
f5 big-ip_application_acceleration_manager *
vmware esx 4.0
redhat enterprise_linux_for_scientific_computing 7.0
ibm qradar_security_information_and_event_manager 7.2.1
redhat enterprise_linux_eus 7.6
f5 big-iq_device *
redhat enterprise_linux_server_from_rhui 6.0
f5 big-ip_policy_enforcement_manager *
ibm qradar_security_information_and_event_manager 7.1.0
ibm stn6800_firmware *
opensuse opensuse 12.3
ibm storwize_v7000_firmware *
f5 arx_firmware *
gnu bash *
ibm security_access_manager_for_web_7.0_firmware 7.0.0.5
suse linux_enterprise_desktop 12
redhat enterprise_linux_server_from_rhui 7.0
redhat enterprise_linux_eus 6.4
f5 big-ip_global_traffic_manager *
canonical ubuntu_linux 12.04
qnap qts 4.1.1
f5 big-ip_access_policy_manager *
ibm qradar_vulnerability_manager 7.2.4
ibm storwize_v3500_firmware *
qnap qts *
redhat enterprise_linux_for_ibm_z_systems 7.7_s390x
f5 big-ip_link_controller *
ibm infosphere_guardium_database_activity_monitoring 9.0
ibm qradar_security_information_and_event_manager 7.2.6
ibm smartcloud_entry_appliance 2.3.0
redhat enterprise_linux_server_from_rhui 5.0
arista eos *
redhat enterprise_linux_for_power_big_endian_eus 7.7_ppc64
ibm qradar_security_information_and_event_manager 7.2.2
f5 traffix_signaling_delivery_controller 3.4.1
oracle linux 5
f5 enterprise_manager *
redhat enterprise_linux_for_ibm_z_systems 6.5_s390x
redhat enterprise_linux_for_ibm_z_systems 7.6_s390x
ibm qradar_vulnerability_manager 7.2.3
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_for_power_big_endian 7.0_ppc64
ibm security_access_manager_for_web_8.0_firmware 8.0.0.2
canonical ubuntu_linux 10.04
ibm qradar_security_information_and_event_manager 7.2.0
redhat enterprise_linux_for_scientific_computing 6.0
suse linux_enterprise_server 11
suse studio_onsite 1.3
f5 traffix_signaling_delivery_controller 3.3.2
f5 big-ip_protocol_security_module *
apple mac_os_x *
canonical ubuntu_linux 14.04
ibm security_access_manager_for_web_8.0_firmware 8.0.0.3
ibm infosphere_guardium_database_activity_monitoring 8.2
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.3
suse linux_enterprise_software_development_kit 11
ibm smartcloud_entry_appliance 3.1.0
ibm security_access_manager_for_web_7.0_firmware 7.0.0.2
redhat enterprise_linux_server_aus 7.7
redhat enterprise_linux_server 6.0
ibm workload_deployer *
mageia mageia 4.0
novell open_enterprise_server 11.0
ibm flex_system_v7000_firmware *
redhat enterprise_linux_server_tus 6.5
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.1
suse linux_enterprise_server 10
f5 big-ip_application_security_manager 11.6.0
ibm qradar_security_information_and_event_manager 7.2.4
ibm stn6500_firmware *
redhat enterprise_linux_eus 7.4
ibm smartcloud_provisioning 2.1.0
redhat enterprise_linux 5.0
novell zenworks_configuration_management 10.3
ibm qradar_vulnerability_manager 7.2.1
novell zenworks_configuration_management 11.2
ibm qradar_security_information_and_event_manager 7.2.7
redhat enterprise_linux_server_aus 7.3
novell zenworks_configuration_management 11
redhat enterprise_linux_workstation 7.0
ibm smartcloud_entry_appliance 3.2.0
redhat enterprise_linux_server 7.0
ibm qradar_security_information_and_event_manager 7.2.8
ibm security_access_manager_for_web_8.0_firmware 8.0.0.5
suse linux_enterprise_software_development_kit 12
redhat enterprise_linux_for_power_big_endian_eus 7.3_ppc64
f5 big-ip_webaccelerator *
suse linux_enterprise_desktop 11
ibm qradar_security_information_and_event_manager 7.2.8.15
ibm storwize_v5000_firmware *
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_for_ibm_z_systems 7.3_s390x
redhat enterprise_linux_for_ibm_z_systems 5.9_s390x
redhat enterprise_linux_eus 7.3
ibm qradar_security_information_and_event_manager 7.2.5
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.2
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.5
ibm security_access_manager_for_web_7.0_firmware 7.0.0.4
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_for_power_big_endian_eus 7.4_ppc64
redhat enterprise_linux_for_ibm_z_systems 7.4_s390x
redhat enterprise_linux_server 5.0
ibm smartcloud_entry_appliance 2.4.0
checkpoint security_gateway *
redhat enterprise_linux_server_aus 5.6
opensuse opensuse 13.2
opensuse opensuse 13.1
redhat enterprise_linux_server_aus 6.5
f5 big-ip_analytics 11.6.0
f5 big-ip_advanced_firewall_manager 11.6.0
redhat enterprise_linux_server_aus 6.4
redhat enterprise_linux_server_aus 7.6
ibm qradar_security_information_and_event_manager 7.2.3
f5 big-ip_global_traffic_manager 11.6.0
debian debian_linux 7.0
ibm pureapplication_system 2.0.0.0
ibm qradar_risk_manager 7.1.0
f5 traffix_signaling_delivery_controller 4.1.0
ibm san_volume_controller_firmware *
redhat enterprise_linux_for_power_big_endian_eus 6.5_ppc64
f5 big-ip_advanced_firewall_manager *
ibm qradar_vulnerability_manager 7.2.2
f5 big-ip_access_policy_manager 11.6.0
vmware vcenter_server_appliance 5.5
redhat virtualization 3.4
redhat enterprise_linux_for_power_big_endian 5.0_ppc
ibm qradar_security_information_and_event_manager 7.1.1
redhat enterprise_linux_workstation 5.0
f5 big-ip_application_acceleration_manager 11.6.0

CVE-2014-7169 HIGH

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78

Products Affected

Vendor Product Version
f5 big-ip_application_security_manager *
f5 traffix_signaling_delivery_controller *
ibm security_access_manager_for_web_7.0_firmware 7.0.0.7
redhat enterprise_linux 7.0
redhat enterprise_linux_for_ibm_z_systems 7.5_s390x
mageia mageia 3.0
redhat enterprise_linux 4.0
f5 big-iq_cloud *
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux 6.0
ibm security_access_manager_for_web_7.0_firmware 7.0.0.1
redhat enterprise_linux_for_power_big_endian_eus 7.5_ppc64
redhat enterprise_linux_for_power_big_endian 6.4_ppc64
f5 big-ip_analytics *
f5 traffix_signaling_delivery_controller 3.5.1
f5 big-ip_local_traffic_manager *
ibm software_defined_network_for_virtual_environments *
novell open_enterprise_server 2.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_eus 7.5
f5 big-ip_local_traffic_manager 11.6.0
f5 big-iq_security *
ibm qradar_vulnerability_manager 7.2.6
ibm security_access_manager_for_web_7.0_firmware 7.0.0.6
redhat enterprise_linux_server_aus 6.2
ibm qradar_security_information_and_event_manager 7.2.9
redhat enterprise_linux_for_power_big_endian 5.9_ppc
vmware esx 4.1
ibm qradar_security_information_and_event_manager 7.1.2
redhat enterprise_linux_server_tus 7.3
redhat gluster_storage_server_for_on-premise 2.1
redhat enterprise_linux_server_tus 7.7
novell zenworks_configuration_management 11.3.0
redhat enterprise_linux_for_power_big_endian 6.0_ppc64
f5 big-ip_policy_enforcement_manager 11.6.0
ibm starter_kit_for_cloud 2.2.0
redhat enterprise_linux_server_aus 7.4
citrix netscaler_sdx_firmware *
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_eus 7.7
oracle linux 4
ibm pureapplication_system *
oracle linux 6
ibm stn7800_firmware *
f5 big-ip_link_controller 11.6.0
ibm security_access_manager_for_web_7.0_firmware 7.0.0.3
f5 big-ip_edge_gateway *
vmware vcenter_server_appliance 5.1
vmware vcenter_server_appliance 5.0
redhat enterprise_linux_eus 5.9
ibm security_access_manager_for_web_7.0_firmware 7.0.0.8
ibm qradar_vulnerability_manager 7.2.8
ibm storwize_v3700_firmware *
redhat enterprise_linux_for_power_big_endian_eus 7.6_ppc64
ibm qradar_security_information_and_event_manager 7.2
f5 big-ip_wan_optimization_manager *
novell zenworks_configuration_management 11.1
suse linux_enterprise_server 12
ibm qradar_vulnerability_manager 7.2.0
ibm infosphere_guardium_database_activity_monitoring 9.1
redhat enterprise_linux_for_ibm_z_systems 6.4_s390x
f5 big-ip_application_acceleration_manager *
vmware esx 4.0
redhat enterprise_linux_for_scientific_computing 7.0
ibm qradar_security_information_and_event_manager 7.2.1
redhat enterprise_linux_eus 7.6
f5 big-iq_device *
redhat enterprise_linux_server_from_rhui 6.0
f5 big-ip_policy_enforcement_manager *
ibm qradar_security_information_and_event_manager 7.1.0
ibm stn6800_firmware *
opensuse opensuse 12.3
ibm storwize_v7000_firmware *
f5 arx_firmware *
gnu bash *
ibm security_access_manager_for_web_7.0_firmware 7.0.0.5
suse linux_enterprise_desktop 12
redhat enterprise_linux_server_from_rhui 7.0
redhat enterprise_linux_eus 6.4
f5 big-ip_global_traffic_manager *
canonical ubuntu_linux 12.04
qnap qts 4.1.1
f5 big-ip_access_policy_manager *
ibm qradar_vulnerability_manager 7.2.4
ibm storwize_v3500_firmware *
qnap qts *
redhat enterprise_linux_for_ibm_z_systems 7.7_s390x
f5 big-ip_link_controller *
ibm infosphere_guardium_database_activity_monitoring 9.0
ibm qradar_security_information_and_event_manager 7.2.6
ibm smartcloud_entry_appliance 2.3.0
redhat enterprise_linux_server_from_rhui 5.0
arista eos *
redhat enterprise_linux_for_power_big_endian_eus 7.7_ppc64
ibm qradar_security_information_and_event_manager 7.2.2
f5 traffix_signaling_delivery_controller 3.4.1
oracle linux 5
f5 enterprise_manager *
redhat enterprise_linux_for_ibm_z_systems 6.5_s390x
redhat enterprise_linux_for_ibm_z_systems 7.6_s390x
ibm qradar_vulnerability_manager 7.2.3
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_for_power_big_endian 7.0_ppc64
ibm security_access_manager_for_web_8.0_firmware 8.0.0.2
canonical ubuntu_linux 10.04
ibm qradar_security_information_and_event_manager 7.2.0
redhat enterprise_linux_for_scientific_computing 6.0
suse linux_enterprise_server 11
suse studio_onsite 1.3
f5 traffix_signaling_delivery_controller 3.3.2
f5 big-ip_protocol_security_module *
apple mac_os_x *
canonical ubuntu_linux 14.04
ibm security_access_manager_for_web_8.0_firmware 8.0.0.3
ibm infosphere_guardium_database_activity_monitoring 8.2
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.3
suse linux_enterprise_software_development_kit 11
ibm smartcloud_entry_appliance 3.1.0
ibm security_access_manager_for_web_7.0_firmware 7.0.0.2
redhat enterprise_linux_server_aus 7.7
redhat enterprise_linux_server 6.0
ibm workload_deployer *
mageia mageia 4.0
novell open_enterprise_server 11.0
ibm flex_system_v7000_firmware *
redhat enterprise_linux_server_tus 6.5
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.1
suse linux_enterprise_server 10
f5 big-ip_application_security_manager 11.6.0
ibm qradar_security_information_and_event_manager 7.2.4
ibm stn6500_firmware *
redhat enterprise_linux_eus 7.4
ibm smartcloud_provisioning 2.1.0
redhat enterprise_linux 5.0
novell zenworks_configuration_management 10.3
ibm qradar_vulnerability_manager 7.2.1
novell zenworks_configuration_management 11.2
ibm qradar_security_information_and_event_manager 7.2.7
redhat enterprise_linux_server_aus 7.3
novell zenworks_configuration_management 11
redhat enterprise_linux_workstation 7.0
ibm smartcloud_entry_appliance 3.2.0
redhat enterprise_linux_server 7.0
ibm qradar_security_information_and_event_manager 7.2.8
ibm security_access_manager_for_web_8.0_firmware 8.0.0.5
suse linux_enterprise_software_development_kit 12
redhat enterprise_linux_for_power_big_endian_eus 7.3_ppc64
f5 big-ip_webaccelerator *
suse linux_enterprise_desktop 11
ibm qradar_security_information_and_event_manager 7.2.8.15
ibm storwize_v5000_firmware *
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_for_ibm_z_systems 7.3_s390x
redhat enterprise_linux_for_ibm_z_systems 5.9_s390x
redhat enterprise_linux_eus 7.3
ibm qradar_security_information_and_event_manager 7.2.5
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.2
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.5
ibm security_access_manager_for_web_7.0_firmware 7.0.0.4
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_for_power_big_endian_eus 7.4_ppc64
redhat enterprise_linux_for_ibm_z_systems 7.4_s390x
redhat enterprise_linux_server 5.0
ibm smartcloud_entry_appliance 2.4.0
checkpoint security_gateway *
redhat enterprise_linux_server_aus 5.6
opensuse opensuse 13.2
opensuse opensuse 13.1
redhat enterprise_linux_server_aus 6.5
f5 big-ip_analytics 11.6.0
f5 big-ip_advanced_firewall_manager 11.6.0
redhat enterprise_linux_server_aus 6.4
redhat enterprise_linux_server_aus 7.6
ibm qradar_security_information_and_event_manager 7.2.3
f5 big-ip_global_traffic_manager 11.6.0
debian debian_linux 7.0
ibm pureapplication_system 2.0.0.0
ibm qradar_risk_manager 7.1.0
f5 traffix_signaling_delivery_controller 4.1.0
ibm san_volume_controller_firmware *
redhat enterprise_linux_for_power_big_endian_eus 6.5_ppc64
f5 big-ip_advanced_firewall_manager *
ibm qradar_vulnerability_manager 7.2.2
f5 big-ip_access_policy_manager 11.6.0
vmware vcenter_server_appliance 5.5
redhat virtualization 3.4
redhat enterprise_linux_for_power_big_endian 5.0_ppc
ibm qradar_security_information_and_event_manager 7.1.1
redhat enterprise_linux_workstation 5.0
f5 big-ip_application_acceleration_manager 11.6.0

CVE-2015-5664 MEDIUM

Cross-site scripting (XSS) vulnerability in File Station in QNAP QTS before 4.2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79

Products Affected

Vendor Product Version
qnap qts *

CVE-2015-6003 HIGH

Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22

Products Affected

Vendor Product Version
qnap qts *

CVE-2015-6022 HIGH

Unrestricted file upload vulnerability in QNAP Signage Station before 2.0.1 allows remote authenticated users to execute arbitrary code by uploading an executable file, and then accessing this file via an unspecified URL.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
qnap signage_station *

CVE-2015-6036 MEDIUM

QNAP Signage Station before 2.0.1 allows remote attackers to bypass authentication, and consequently upload files, via a spoofed HTTP request.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
qnap sinage_station 2.0.0

CVE-2015-7261 HIGH

The FTP service in QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage Station before 2.0.1, has hardcoded credentials, which makes it easier for remote attackers to obtain access via a session on TCP port 21.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-255

Products Affected

Vendor Product Version
qnap iartist_lite *
qnap signage_station *

CVE-2015-7262 HIGH

QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage Station before 2.0.1, allows remote authenticated users to gain privileges by registering an executable file, and then waiting for this file to be run in a privileged context after a reboot.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-18

Products Affected

Vendor Product Version
qnap iartist_lite *
qnap signage_station *

CVE-2017-10700 HIGH

In the medialibrary component in QNAP NAS 4.3.3.0229, an unauthenticated, remote attacker can execute arbitrary system commands as the root user of the NAS application.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20

Products Affected

Vendor Product Version
qnap qts 4.3.3.0229

CVE-2017-12582 HIGH

An unprivileged user can access all functions in the Surveillance Station component in QNAP TS212P devices with firmware 4.2.1 build 20160601. The unprivileged user cannot log in at the front end, but with that unprivileged user's SID, all functions in Surveillance Station can be accessed.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-862

Products Affected

Vendor Product Version
qnap ts-212p_firmware 4.2.1

CVE-2017-13067 HIGH

QNAP has patched a remote code execution vulnerability affecting the QTS Media Library in all versions prior to QTS 4.2.6 build 20170905 and QTS 4.3.3.0299 build 20170901. This particular vulnerability allows a remote attacker to execute commands on a QNAP NAS using a transcoding service on port 9251. A remote user does not require any privileges to successfully execute an attack.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
qnap qts *

CVE-2017-13068 MEDIUM

QNAP has already patched this vulnerability. This security concern allows a remote attacker to perform an SQL injection on the application and obtain Helpdesk application information. A remote attacker does not require any privileges to successfully execute this attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89

Products Affected

Vendor Product Version
qnap qts_helpdesk *

CVE-2017-13069 HIGH

QNAP discovered a number of command injection vulnerabilities found in Music Station versions 4.8.6 (for QTS 4.2.x), 5.0.7 (for QTS 4.3.x), and earlier. If exploited, these vulnerabilities may allow a remote attacker to run arbitrary commands on the NAS.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77

Products Affected

Vendor Product Version
qnap music_station *

CVE-2017-13070 HIGH

A DLL Hijacking vulnerability in QNAP Qsync for Windows (exe) version 4.2.2.0724 and earlier could allow remote attackers to execute arbitrary code on Windows machines.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-426

Products Affected

Vendor Product Version
qnap qsync *

CVE-2017-13071 HIGH

QNAP has already patched this vulnerability. This security concern allows a remote attacker to run arbitrary commands on the QNAP Video Station 5.1.3 (for QTS 4.3.3), 5.2.0 (for QTS 4.3.4), and earlier.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77

Products Affected

Vendor Product Version
qnap video_station 5.1.3
qnap video_station 5.2.0

CVE-2017-13072 MEDIUM

Cross-site scripting (XSS) vulnerability in App Center in QNAP QTS 4.2.6 build 20171208, QTS 4.3.3 build 20171213, QTS 4.3.4 build 20171223, and their earlier versions could allow remote attackers to inject JavaScript code.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79

Products Affected

Vendor Product Version
qnap qts 4.3.4
qnap qts 4.2.6
qnap qts 4.3.3

CVE-2017-13073 MEDIUM

Cross-site scripting (XSS) vulnerability in QNAP NAS application Photo Station versions 5.2.7, 5.4.3, and their earlier versions could allow remote attackers to inject arbitrary web script or HTML.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79

Products Affected

Vendor Product Version
qnap photo_station *

CVE-2017-17027 HIGH

A buffer overflow vulnerability in FTP service in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
qnap qts 4.3.4.0358
qnap qts 4.3.4.0372
qnap qts 4.3.4.0374
qnap qts 4.3.4.0387
qnap qts *
qnap qts 4.3.4.0370

CVE-2017-17028 HIGH

A buffer overflow vulnerability in external device function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
qnap qts 4.3.4.0358
qnap qts 4.3.4.0372
qnap qts 4.3.4.0374
qnap qts 4.3.4.0387
qnap qts *
qnap qts 4.3.4.0370

CVE-2017-17029 HIGH

A buffer overflow vulnerability in login function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
qnap qts 4.3.4.0358
qnap qts 4.3.4.0372
qnap qts 4.3.4.0374
qnap qts 4.3.4.0387
qnap qts *
qnap qts 4.3.4.0370

CVE-2017-17030 HIGH

A buffer overflow vulnerability in login function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
qnap qts 4.3.4.0358
qnap qts 4.3.4.0372
qnap qts 4.3.4.0374
qnap qts 4.3.4.0387
qnap qts *
qnap qts 4.3.4.0370

CVE-2017-17031 HIGH

A buffer overflow vulnerability in password function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
qnap qts 4.3.4.0358
qnap qts 4.3.4.0372
qnap qts 4.3.4.0374
qnap qts 4.3.4.0387
qnap qts *
qnap qts 4.3.4.0370

CVE-2017-17032 HIGH

A buffer overflow vulnerability in password function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
qnap qts 4.3.4.0358
qnap qts 4.3.4.0372
qnap qts 4.3.4.0374
qnap qts 4.3.4.0387
qnap qts *
qnap qts 4.3.4.0370

CVE-2017-17033 HIGH

A buffer overflow vulnerability in password function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
qnap qts 4.3.4.0358
qnap qts 4.3.4.0372
qnap qts 4.3.4.0374
qnap qts 4.3.4.0387
qnap qts *
qnap qts 4.3.4.0370

CVE-2017-20210

Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerability related to the XMR mining programs identified by internal research.

Products Affected

Vendor Product Version
qnap photo_station 5.2.7
qnap photo_station 5.4.1

CVE-2017-5227 MEDIUM

QNAP QTS before 4.2.4 Build 20170313 allows local users to obtain sensitive Domain Administrator password information by reading data in an XOR format within the /etc/config/uLinux.conf configuration file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200

Products Affected

Vendor Product Version
qnap qts *

CVE-2017-6359 HIGH

QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and execute arbitrary commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78

Products Affected

Vendor Product Version
qnap qts *

CVE-2017-6360 HIGH

QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and obtain sensitive information via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78

Products Affected

Vendor Product Version
qnap qts *

CVE-2017-6361 HIGH

QNAP QTS before 4.2.4 Build 20170313 allows attackers to execute arbitrary commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78

Products Affected

Vendor Product Version
qnap qts *

CVE-2017-7629 MEDIUM

QNAP QTS before 4.2.6 build 20170517 has a flaw in the change password function.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-640

Products Affected

Vendor Product Version
qnap qts *

CVE-2017-7630 MEDIUM

QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier allow remote attackers to obtain potentially sensitive information (firmware version and running services) via a request to sysinfoReq.cgi.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200

Products Affected

Vendor Product Version
qnap qts 4.2.6
qnap qts 4.3.3

CVE-2017-7631 MEDIUM

Cross-site scripting (XSS) vulnerability in the share link function of File Station of QNAP 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier allows remote attackers to inject arbitrary web script or HTML.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79

Products Affected

Vendor Product Version
qnap qts 4.2.6
qnap qts 4.3.3

CVE-2017-7632 MEDIUM

Cross-site scripting (XSS) vulnerability in File Station of QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier allows remote attackers to inject arbitrary web script or HTML.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
qnap qts 4.2.6
qnap qts 4.3.3
CVE-2017-7633 MEDIUM

QNAP Qfinder Pro 6.1.0.0317 and earlier may expose sensitive information contained in NAS devices. If exploited, this may allow attackers to further compromise the device.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
qnap qfinder_pro *
CVE-2017-7634 MEDIUM

Cross-site scripting (XSS) vulnerability in QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier allows remote attackers to inject arbitrary web script or HTML. The injected code will only be triggered by a crafted link, not the normal page.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
qnap media_streaming_add-on *
CVE-2017-7635 MEDIUM

QNAP NAS application Proxy Server through version 1.2.0 does not utilize CSRF protections.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
qnap nas_proxy_server *
CVE-2017-7636 MEDIUM

Cross-site scripting (XSS) vulnerability in QNAP NAS application Proxy Server through version 1.2.0 allows remote attackers to inject arbitrary web script or HTML.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
qnap nas_proxy_server *
CVE-2017-7637 HIGH

QNAP NAS application Proxy Server through version 1.2.0 allows remote attackers to run arbitrary OS commands against the system with root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
qnap nas_proxy_server *
CVE-2017-7638 MEDIUM

QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier does not authenticate requests properly. Successful exploitation could lead to change of the Media Streaming settings, and leakage of sensitive information of the QNAP NAS.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
qnap media_streaming_add-on *
CVE-2017-7639 MEDIUM

QNAP NAS application Proxy Server through version 1.2.0 does not authenticate requests properly. Successful exploitation can lead to change of the settings of Proxy Server.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
qnap nas_proxy_server *
CVE-2017-7640 HIGH

QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier allows remote attackers to run arbitrary OS commands against the system with root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
qnap media_streaming_add-on *
CVE-2017-7641 MEDIUM

QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier does not utilize CSRF protections.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
qnap media_streaming_add-on *
CVE-2017-7876 HIGH

This command injection vulnerability in QTS allows attackers to run arbitrary commands in the compromised application. QNAP have already fixed the issue in QTS 4.2.6 build 20170517, QTS 4.3.3.0174 build 20170503 and later versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve@mitre.org 10.0 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 3.9 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77,

Products Affected

Vendor Product Version
qnap qts *
CVE-2018-0706 MEDIUM

Exposure of Private Information in QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to access sensitive information.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
qnap q'center *
CVE-2018-0707 HIGH

Command injection vulnerability in change password of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
qnap q'center *
CVE-2018-0708 HIGH

Command injection vulnerability in networking of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
qnap q'center *
CVE-2018-0709 HIGH

Command injection vulnerability in date of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
qnap q'center *
CVE-2018-0710 HIGH

Command injection vulnerability in SSH of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
qnap q'center *
CVE-2018-0711 MEDIUM

Cross-site scripting (XSS) vulnerability in QNAP QTS 4.3.3 build 20180126, QTS 4.3.4 build 20180315, and their earlier versions could allow remote attackers to inject arbitrary web script or HTML.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
qnap qts 4.3.4.0526
qnap qts 4.3.4.0569
qnap qts 4.3.4.0597
qnap qts 4.3.3.0546
qnap qts 4.3.4.0561
qnap qts 4.3.4.0551
qnap qts 4.3.3.0570
qnap qts 4.3.4.0516
qnap qts 4.3.4.0604
qnap qts 4.3.4.0557
qnap qts 4.3.4.0593
qnap qts 4.3.3.0514
CVE-2018-0712 HIGH

Command injection vulnerability in LDAP Server in QNAP QTS 4.2.6 build 20171208, QTS 4.3.3 build 20180402, QTS 4.3.4 build 20180413 and their earlier versions could allow remote attackers to run arbitrary commands or install malware on the NAS.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77,

Products Affected

Vendor Product Version
qnap qts *
qnap qts 4.2.6
qnap qts 4.3.3
CVE-2018-0714 HIGH

Command injection vulnerability in Helpdesk versions 1.1.21 and earlier in QNAP QTS 4.2.6 build 20180531, QTS 4.3.3 build 20180528, QTS 4.3.4 build 20180528 and their earlier versions could allow remote attackers to run arbitrary commands in the compromised application.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77,

Products Affected

Vendor Product Version
qnap helpdesk *
CVE-2018-0715 MEDIUM

Cross-site scripting vulnerability in QNAP Photo Station versions 5.7.0 and earlier could allow remote attackers to inject Javascript code in the compromised application.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2018-0716 MEDIUM

Cross-site scripting vulnerability in QTS 4.2.6 build 20180711, QTS 4.3.3: Qsync Central 3.0.2, QTS 4.3.4: Qsync Central 3.0.3, QTS 4.3.5: Qsync Central 3.0.4 and earlier versions could allow remote attackers to inject Javascript code in the compromised application.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
qnap qts 4.3.4
qnap qts 4.2.6
qnap qts 4.3.3
qnap qts 4.3.5
CVE-2018-0718 HIGH

Command injection vulnerability in Music Station 5.1.2 and earlier versions in QNAP QTS 4.3.3 and 4.3.4 could allow remote attackers to run arbitrary commands in the compromised application.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77,

Products Affected

Vendor Product Version
qnap music_station *
CVE-2018-0719 MEDIUM

Cross-site Scripting (XSS) vulnerability in NAS devices of QNAP Systems Inc. QTS allows attackers to inject javascript. This issue affects: QNAP Systems Inc. QTS version 4.2.6 and prior versions on build 20180711; version 4.3.3 and prior versions on build 20180725; version 4.3.4 and prior versions on build 20180710.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L 2.1 3.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-79,

Products Affected

Vendor Product Version
qnap qts 4.3.4
qnap qts 4.2.6
qnap qts 4.3.3
CVE-2018-0721 HIGH

Buffer Overflow vulnerability in NAS devices. QTS allows attackers to run arbitrary code. This issue affects: QNAP Systems Inc. QTS version 4.2.6 and prior versions on build 20180711; version 4.3.3 and prior versions on build 20180725; version 4.3.4 and prior versions on build 20180710.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 7.7 HIGH CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L 1.8 5.3

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,CWE-119,

Products Affected

Vendor Product Version
qnap qts 4.3.4
qnap qts 4.2.6
qnap qts 4.3.3
CVE-2018-0722 MEDIUM

Path Traversal vulnerability in Photo Station versions: 5.7.2 and earlier in QTS 4.3.4, 5.4.4 and earlier in QTS 4.3.3, 5.2.8 and earlier in QTS 4.2.6 could allow remote attackers to access sensitive information on the device.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2018-0723 MEDIUM

Cross-site scripting (XSS) vulnerability in Q'center Virtual Appliance 1.8.1014 and earlier versions could allow remote attackers to inject Javascript code in the compromised application, a different vulnerability than CVE-2018-0724.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
qnap q'center_virtual_appliance *
CVE-2018-0724 MEDIUM

Cross-site scripting (XSS) vulnerability in Q'center Virtual Appliance 1.8.1014 and earlier versions could allow remote attackers to inject Javascript code in the compromised application, a different vulnerability than CVE-2018-0723.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
qnap q'center_virtual_appliance *
CVE-2018-0728 MEDIUM

This improper access control vulnerability in Helpdesk allows attackers to access the system logs. To fix the vulnerability, QNAP recommend updating QTS and Helpdesk to their latest versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,

Products Affected

Vendor Product Version
qnap helpdesk *
CVE-2018-0729 HIGH

This command injection vulnerability in Music Station allows attackers to execute commands on the affected device. To fix the vulnerability, QNAP recommend updating Music Station to their latest versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77,

Products Affected

Vendor Product Version
qnap music_station *
CVE-2018-0730 HIGH

This command injection vulnerability in File Station allows attackers to execute commands on the affected device. To fix the vulnerability, QNAP recommend updating QTS to their latest versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77,

Products Affected

Vendor Product Version
qnap qts 4.3.6.0979
qnap qts 4.4.1.1086
qnap qts 4.3.6.0944
qnap qts 4.4.1.1031
qnap qts 4.3.3.0998
qnap qts 4.3.6.1013
qnap qts 4.4.1.1064
qnap qts 4.2.6
qnap qts 4.4.1.0949
qnap qts 4.4.1.0999
qnap qts 4.4.1.1101
qnap qts 4.4.1.0948
qnap qts 4.3.6.0895
qnap qts 4.4.1.1081
qnap qts 4.4.1.0998
qnap qts 4.3.6.0959
qnap qts 4.3.4.0899
qnap qts 4.3.6.0923
qnap qts 4.3.3.0868
qnap qts 4.3.4.1029
qnap qts 4.3.6.1033
qnap qts 4.4.1.1033
qnap qts 4.4.1.0978
qnap qts 4.3.6.0993
qnap qts 4.3.6.0907
CVE-2018-14746 HIGH

Command Injection vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could allow remote attackers to run arbitrary commands on the NAS.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77,

Products Affected

Vendor Product Version
qnap qts 4.3.4
qnap qts 4.2.6
qnap qts 4.3.3
qnap qts 4.3.5
CVE-2018-14747 MEDIUM

NULL Pointer Dereference vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could allow remote attackers to crash the NAS media server.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
qnap qts 4.3.4
qnap qts 4.2.6
qnap qts 4.3.3
qnap qts 4.3.5
CVE-2018-14748 HIGH

Improper Authorization vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could allow remote attackers to power off the NAS.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-863,

Products Affected

Vendor Product Version
qnap qts 4.3.4
qnap qts 4.2.6
qnap qts 4.3.3
qnap qts 4.3.5
CVE-2018-14749 HIGH

Buffer Overflow vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could have unspecified impact on the NAS.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
qnap qts 4.3.4
qnap qts 4.2.6
qnap qts 4.3.3
qnap qts 4.3.5
CVE-2018-19941 MEDIUM

A vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows an attacker to access sensitive information stored in cleartext inside cookies via certain widely-available tools. QNAP have already fixed this vulnerability in the following versions: QTS 4.5.1.1456 build 20201015 (and later); QuTS hero h4.5.1.1472 build 20201031 (and later); QuTScloud c4.5.2.1379 build 20200730 (and later).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-315,CWE-312,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qutscloud *
qnap qts *
CVE-2018-19942 MEDIUM

A cross-site scripting (XSS) vulnerability has been reported to affect earlier versions of File Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 build 20210202 (and later); QTS 4.5.1.1456 build 20201015 (and later); QTS 4.3.6.1446 build 20200929 (and later); QTS 4.3.4.1463 build 20201006 (and later); QTS 4.3.3.1432 build 20201006 (and later); QTS 4.2.6 build 20210327 (and later); QuTS hero h4.5.1.1472 build 20201031 (and later); QuTScloud c4.5.4.1601 build 20210309 (and later); QuTScloud c4.5.3.1454 build 20201013 (and later).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-80,CWE-79,

Products Affected

Vendor Product Version
qnap qts 4.3.4.0526
qnap qts 4.3.3.0154
qnap qts 4.3.4.1282
qnap qts 4.3.4.0370
qnap qts 4.3.3.0229
qnap qts 4.3.3.0418
qnap qts 4.3.6.0944
qnap qts 4.3.3.0546
qnap qts 4.3.4.0561
qnap qts 4.3.3.0416
qnap qts 4.3.3.0174
qnap qts 4.3.4.0506
qnap qts 4.3.6.1263
qnap qts 4.2.6
qnap qts 4.3.4.1190
qnap qts 4.3.3.0404
qnap qts 4.3.3
qnap qts 4.3.3.0238
qnap qts 4.3.6.1070
qnap qts 4.3.3.0096
qnap quts_hero h4.5.1
qnap qts 4.3.3.1161
qnap qts 4.3.3.0299
qnap qts 4.3.6.0895
qnap qts 4.3.4.0374
qnap qts 4.3.4
qnap qts 4.3.4.1082
qnap qts 4.3.3.0353
qnap qts 4.3.6.0959
qnap qts 4.3.3.0262
qnap qts 4.3.4.0899
qnap qts 4.3.4.0435
qnap qts 4.3.6.0923
qnap qts 4.5.2
qnap qts 4.3.4.0372
qnap qts 4.3.4.0387
qnap qts 4.3.4.0411
qnap qutscloud *
qnap qts 4.3.3.0570
qnap qts 4.3.6.1033
qnap qts 4.3.4.1417
qnap qts 4.3.4.0516
qnap qts 4.3.6.0993
qnap qts 4.3.3.1315
qnap qts 4.3.4.0483
qnap qts 4.3.3.0188
qnap qts 4.3.6.0907
qnap qts 4.3.6.0979
qnap qts 4.3.4.0358
qnap qts 4.3.6.1286
qnap qts 4.5.1
qnap qts 4.3.4.0434
qnap qts 4.3.4.0486
qnap qutscloud c4.5.4
qnap qts 4.3.3.0210
qnap qts 4.3.3.0095
qnap qts 4.3.3.0998
qnap qts 4.3.6.1013
qnap qts 4.3.6.1411
qnap qts 4.3.4.0593
qnap qts 4.3.6.1218
qnap qts 4.3.3.0136
qnap qts 4.3.4.0451
qnap qts 4.3.3.0351
qnap qts 4.3.3.1252
qnap qts 4.3.4.1368
qnap qts 4.3.3.0448
qnap qts 4.3.3.1051
qnap qutscloud c4.5.3
qnap qts 4.3.4.0416
qnap qts 4.3.4.0569
qnap qts 4.3.3.1098
qnap qts 4.3.4.0597
qnap qts 4.3.3.0361
qnap qts 4.3.3.0378
qnap qts 4.3.3.0868
qnap qts 4.3.4.1029
qnap quts_hero *
qnap qts 4.3.3.1386
qnap qts 4.3.4.0551
qnap qts 4.3.3.0369
qnap qts 4.3.3.0396
qnap qts *
qnap qts 4.3.6.1154
qnap qts 4.3.4.0604
qnap qts 4.3.6
qnap qts 4.3.4.0427
qnap qts 4.3.4.0557
qnap qts 4.3.6.1333
qnap qts 4.3.3.0514
CVE-2018-19943 LOW

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed these issues in the following QTS versions: QTS 4.4.2.1270 build 20200410 and later; QTS 4.4.1.1261 build 20200330 and later; QTS 4.3.6.1263 build 20200330 and later; QTS 4.3.4.1282 build 20200408 and later; QTS 4.3.3.1252 build 20200409 and later; QTS 4.2.6 build 20200421 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 8.0 HIGH CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H 1.3 6.0
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,CWE-80,CWE-79,

Products Affected

Vendor Product Version
qnap qts *
qnap qts 4.2.6
CVE-2018-19944 MEDIUM

A cleartext transmission of sensitive information vulnerability has been reported to affect certain QTS devices. If exploited, this vulnerability allows a remote attacker to gain access to sensitive information. QNAP have already fixed this vulnerability in the following versions: QTS 4.4.3.1354 build 20200702 (and later)

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-311,CWE-319,CWE-319,

Products Affected

Vendor Product Version
qnap qts *
CVE-2018-19945 HIGH

A vulnerability has been reported to affect earlier QNAP devices running QTS 4.3.4 to 4.3.6. Caused by improper limitations of a pathname to a restricted directory, this vulnerability allows for renaming arbitrary files on the target system, if exploited. QNAP have already fixed this vulnerability in the following versions: QTS 4.3.6.0895 build 20190328 (and later); QTS 4.3.4.0899 build 20190322 (and later). This issue does not affect QTS 4.4.x or QTS 4.5.x.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H 3.9 5.2

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,CWE-22,CWE-73,CWE-284,CWE-22,

Products Affected

Vendor Product Version
qnap qts *
CVE-2018-19946 MEDIUM

The vulnerability has been reported to affect earlier versions of Helpdesk. If exploited, this improper certificate validation vulnerability could allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client. QNAP has already fixed the issue in Helpdesk 3.0.3 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N 2.2 3.6
security@qnapsecurity.com.tw 4.2 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N 1.6 2.5

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,CWE-297,CWE-295,

Products Affected

Vendor Product Version
qnap helpdesk *
CVE-2018-19947 MEDIUM

The vulnerability has been reported to affect earlier versions of Helpdesk. If exploited, this information exposure vulnerability could disclose sensitive information. QNAP has already fixed the issue in Helpdesk 3.0.3 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 2.8 1.4
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,CWE-209,CWE-210,CWE-209,

Products Affected

Vendor Product Version
qnap helpdesk *
CVE-2018-19948 MEDIUM

The vulnerability has been reported to affect earlier versions of Helpdesk. If exploited, this cross-site request forgery (CSRF) vulnerability could allow attackers to force NAS users to execute unintentional actions through a web application. QNAP has already fixed the issue in Helpdesk 3.0.3 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 2.0 LOW CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N 0.5 1.4
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,CWE-352,

Products Affected

Vendor Product Version
qnap helpdesk *
CVE-2018-19949 HIGH

If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. QNAP has already fixed the issue in the following QTS versions. QTS 4.4.2.1231 on build 20200302; QTS 4.4.1.1201 on build 20200130; QTS 4.3.6.1218 on build 20200214; QTS 4.3.4.1190 on build 20200107; QTS 4.3.3.1161 on build 20200109; QTS 4.2.6 on build 20200109.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,CWE-77,CWE-78,CWE-77,

Products Affected

Vendor Product Version
qnap qts *
qnap qts 4.2.6
CVE-2018-19950 HIGH

If exploited, this command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77,CWE-78,CWE-77,

Products Affected

Vendor Product Version
qnap music_station *
CVE-2018-19951 MEDIUM

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-80,CWE-79,

Products Affected

Vendor Product Version
qnap music_station *
CVE-2018-19952 MEDIUM

If exploited, this SQL injection vulnerability could allow remote attackers to obtain application information. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,CWE-80,CWE-943,CWE-89,

Products Affected

Vendor Product Version
qnap music_station *
CVE-2018-19953 MEDIUM

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed the issue in the following QTS versions. QTS 4.4.2.1231 on build 20200302; QTS 4.4.1.1201 on build 20200130; QTS 4.3.6.1218 on build 20200214; QTS 4.3.4.1190 on build 20200107; QTS 4.3.3.1161 on build 20200109; QTS 4.2.6 on build 20200109.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-80,CWE-79,

Products Affected

Vendor Product Version
qnap qts *
qnap qts 4.2.6
CVE-2018-19954 MEDIUM

The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. If exploited, the vulnerability could allow remote attackers to inject malicious code. This issue affects: QNAP Systems Inc. Photo Station versions prior to 5.7.11; versions prior to 6.0.10.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-80,CWE-79,

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2018-19955 MEDIUM

The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. If exploited, the vulnerability could allow remote attackers to inject malicious code. This issue affects: QNAP Systems Inc. Photo Station versions prior to 5.7.11; versions prior to 6.0.10.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-80,CWE-79,

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2018-19956 MEDIUM

The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. If exploited, the vulnerability could allow remote attackers to inject malicious code. This issue affects: QNAP Systems Inc. Photo Station versions prior to 5.7.11; versions prior to 6.0.10.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-80,CWE-79,

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2018-19957 MEDIUM

A vulnerability involving insufficient HTTP security headers has been reported to affect QNAP NAS running QTS, QuTS hero, and QuTScloud. This vulnerability allows remote attackers to launch privacy and security attacks. We have already fixed this vulnerability in the following versions: QTS 4.5.4.1715 build 20210630 and later; QuTS hero h4.5.4.1771 build 20210825 and later; QuTScloud c4.5.6.1755 build 20210809 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1021,CWE-1021,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qutscloud *
qnap qts *
CVE-2019-7181 MEDIUM

Buffer Overflow vulnerability in myQNAPcloud Connect 1.3.3.0925 and earlier could allow remote attackers to crash the program.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
qnap myqnapcloud *
CVE-2019-7183 HIGH

This improper link resolution vulnerability allows remote attackers to access system files. To fix this vulnerability, QNAP recommend updating QTS to their latest versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-59,

Products Affected

Vendor Product Version
qnap qts 4.3.6.0979
qnap qts 4.4.1.1086
qnap qts 4.3.6.0944
qnap qts 4.4.1.1031
qnap qts 4.3.3.0998
qnap qts 4.3.6.1013
qnap qts 4.4.1.1064
qnap qts 4.2.6
qnap qts 4.4.1.0949
qnap qts 4.4.1.0999
qnap qts 4.4.1.1101
qnap qts 4.4.1.0948
qnap qts 4.3.6.0895
qnap qts 4.4.1.1081
qnap qts 4.4.1.0998
qnap qts 4.3.6.0959
qnap qts 4.3.4.0899
qnap qts 4.3.6.0923
qnap qts 4.3.3.0868
qnap qts 4.3.4.1029
qnap qts 4.3.6.1033
qnap qts 4.4.1.1033
qnap qts 4.4.1.0978
qnap qts 4.3.6.0993
qnap qts 4.3.6.0907
CVE-2019-7184 LOW

This cross-site scripting (XSS) vulnerability in Video Station allows remote attackers to inject and execute scripts on the administrator’s management console. To fix this vulnerability, QNAP recommend updating Video Station to their latest versions.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
qnap video_station *
CVE-2019-7185 LOW

This cross-site scripting (XSS) vulnerability in Music Station allows remote attackers to inject and execute scripts on the administrator’s management console. To fix this vulnerability, QNAP recommend updating Music Station to their latest versions.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
qnap music_station *
CVE-2019-7192 HIGH

This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. To fix these vulnerabilities, QNAP recommend updating Photo Station to their latest versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-863,CWE-863,

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2019-7193 HIGH

This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system. To fix the vulnerability, QNAP recommend updating QTS to their latest versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,CWE-20,

Products Affected

Vendor Product Version
qnap qts 4.3.6.0895
qnap qts 4.3.6.0979
qnap qts 4.4.1.0998
qnap qts 4.3.6.0959
qnap qts 4.3.6.0923
qnap qts 4.3.6.0944
qnap qts 4.4.1.1031
qnap qts 4.3.6.1013
qnap qts 4.3.6.1033
qnap qts 4.4.1.1033
qnap qts 4.4.1.0949
qnap qts 4.4.1.0978
qnap qts 4.3.6.0993
qnap qts 4.4.1.0999
qnap qts 4.4.1.0948
qnap qts 4.3.6.0907
CVE-2019-7194 HIGH

This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,CWE-22,

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2019-7195 HIGH

This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,CWE-22,

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2019-7197 LOW

A stored cross-site scripting (XSS) vulnerability has been reported to affect multiple versions of QTS. If exploited, this vulnerability may allow an attacker to inject and execute scripts on the administrator console. To fix this vulnerability, QNAP recommend updating QTS to the latest version.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.8 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N 1.7 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
qnap qts 4.3.4
qnap qts 4.2.6
qnap qts 4.3.3
qnap qts 4.4.1
qnap qts 4.3.6
CVE-2019-7198 HIGH

This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions of QTS and QuTS hero: QuTS hero h4.5.1.1472 build 20201031 and later; QTS 4.5.1.1456 build 20201015 and later; QTS 4.4.3.1354 build 20200702 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77,CWE-78,CWE-77,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qts *
CVE-2019-7201 HIGH

An unquoted service path vulnerability is reported to affect the service QVssService in QNAP NetBak Replicator. This vulnerability could allow an authorized but non-privileged local user to execute arbitrary code with elevated system privileges. QNAP have already fixed this issue in QNAP NetBak Replicator 4.5.12.1108.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-428,

Products Affected

Vendor Product Version
qnap netbak_replicator *
CVE-2020-2490 MEDIUM

If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-77,CWE-78,CWE-77,

Products Affected

Vendor Product Version
qnap qts *
CVE-2020-2491 MEDIUM

This cross-site scripting vulnerability in Photo Station allows remote attackers to inject malicious code. QNAP have already fixed this vulnerability in the following versions of Photo Station: QTS 4.5.1: Photo Station 6.0.12 and later; QTS 4.4.3: Photo Station 6.0.12 and later; QTS 4.3.6: Photo Station 5.7.12 and later; QTS 4.3.4: Photo Station 5.7.13 and later; QTS 4.3.3: Photo Station 5.4.10 and later; QTS 4.2.6: Photo Station 5.2.11 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-80,CWE-79,

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2020-2492 MEDIUM

If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-77,CWE-78,CWE-77,

Products Affected

Vendor Product Version
qnap qts *
CVE-2020-2493 MEDIUM

This cross-site scripting vulnerability in Multimedia Console allows remote attackers to inject malicious code. QNAP have already fixed this vulnerability in Multimedia Console 1.1.5 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-80,CWE-79,

Products Affected

Vendor Product Version
qnap multimedia_console *
CVE-2020-2494 MEDIUM

This cross-site scripting vulnerability in Music Station allows remote attackers to inject malicious code. QNAP have already fixed this vulnerability in the following versions of Music Station: QuTS hero h4.5.1: Music Station 5.3.13 and later; QTS 4.5.1: Music Station 5.3.12 and later; QTS 4.4.3: Music Station 5.3.12 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-80,CWE-79,

Products Affected

Vendor Product Version
qnap music_station *
CVE-2020-2495 MEDIUM

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero: QuTS hero h4.5.1.1472 build 20201031 and later; QTS 4.5.1.1456 build 20201015 and later; QTS 4.4.3.1354 build 20200702 and later; QTS 4.3.6.1333 build 20200608 and later; QTS 4.3.4.1368 build 20200703 and later; QTS 4.3.3.1315 build 20200611 and later; QTS 4.2.6 build 20200611 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-80,CWE-79,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qts *
CVE-2020-2496 MEDIUM

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero: QuTS hero h4.5.1.1472 build 20201031 and later; QTS 4.5.1.1456 build 20201015 and later; QTS 4.4.3.1354 build 20200702 and later; QTS 4.3.6.1333 build 20200608 and later; QTS 4.3.4.1368 build 20200703 and later; QTS 4.3.3.1315 build 20200611 and later; QTS 4.2.6 build 20200611 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-80,CWE-79,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qts *
CVE-2020-2497 MEDIUM

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in System Connection Logs. QNAP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero: QuTS hero h4.5.1.1472 build 20201031 and later; QTS 4.5.1.1456 build 20201015 and later; QTS 4.4.3.1354 build 20200702 and later; QTS 4.3.6.1333 build 20200608 and later; QTS 4.3.4.1368 build 20200703 and later; QTS 4.3.3.1315 build 20200611 and later; QTS 4.2.6 build 20200611 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-80,CWE-79,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qts *
CVE-2020-2498 MEDIUM

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in certificate configuration. QNAP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero: QuTS hero h4.5.1.1472 build 20201031 and later; QTS 4.5.1.1456 build 20201015 and later; QTS 4.4.3.1354 build 20200702 and later; QTS 4.3.6.1333 build 20200608 and later; QTS 4.3.4.1368 build 20200703 and later; QTS 4.3.3.1315 build 20200611 and later; QTS 4.2.6 build 20200611 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-80,CWE-79,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qts *
CVE-2020-2499 MEDIUM

A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 6.3 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N 1.1 4.7
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-259,CWE-522,CWE-798,CWE-798,

Products Affected

Vendor Product Version
qnap qes 2.1.1
qnap qes *
CVE-2020-2500 MEDIUM

This improper access control vulnerability in Helpdesk allows attackers to get control of QNAP Kayako service. Attackers can access the sensitive data on QNAP Kayako server with API keys. We have replaced the API key to mitigate the vulnerability, and already fixed the issue in Helpdesk 3.0.1 and later versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5
security@qnapsecurity.com.tw 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,CWE-321,CWE-798,CWE-798,

Products Affected

Vendor Product Version
qnap helpdesk *
CVE-2020-2501 HIGH

A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveillance Station 5.1.5.4.3 (and later) for ARM CPU NAS (64bit OS) and x86 CPU NAS (64bit OS); Surveillance Station 5.1.5.3.3 (and later) for ARM CPU NAS (32bit OS) and x86 CPU NAS (32bit OS).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-121,CWE-787,

Products Affected

Vendor Product Version
qnap surveillance_station *
CVE-2020-2502 MEDIUM

This cross-site scripting vulnerability in Photo Station allows remote attackers to inject malicious code. QNAP have already fixed this vulnerability in the following versions of Photo Station: Photo Station 6.0.11 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-80,CWE-79,

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2020-2503 LOW

If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7
security@qnapsecurity.com.tw 9.0 CRITICAL CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H 2.3 6.0

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,CWE-80,CWE-749,CWE-79,

Products Affected

Vendor Product Version
qnap qes 2.1.1
qnap qes *
CVE-2020-2504 MEDIUM

If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.8 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N 3.9 1.4
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,CWE-22,CWE-73,CWE-284,CWE-22,

Products Affected

Vendor Product Version
qnap qes 2.1.1
qnap qes *
CVE-2020-2505 LOW

If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 2.3 LOW CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N 0.8 1.4
security@qnapsecurity.com.tw 2.3 LOW CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N 0.8 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-209,CWE-755,CWE-209,

Products Affected

Vendor Product Version
qnap qes 2.1.1
qnap qes *
CVE-2020-2506 HIGH

The vulnerability has been reported to affect earlier versions of QTS. If exploited, this improper access control vulnerability could allow attackers to compromise the security of the software by gaining privileges, or reading sensitive information. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
security@qnapsecurity.com.tw 7.3 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 3.9 3.4

CVSS 2.0

Severity: HIGH

Problem Type: CWE-284,NVD-CWE-Other,

Products Affected

Vendor Product Version
qnap helpdesk *
CVE-2020-2507 HIGH

The vulnerability has been reported to affect earlier versions of QTS. If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77,CWE-78,CWE-78,

Products Affected

Vendor Product Version
qnap helpdesk *
CVE-2020-2508 MEDIUM

A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions: QTS 4.5.1.1456 build 20201015 (and later); QuTS hero h4.5.1.1472 build 20201031 (and later).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
security@qnapsecurity.com.tw 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-77,CWE-78,CWE-77,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qts *
CVE-2020-2509 HIGH

A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 Build 20210202 and later; QTS 4.5.1.1495 Build 20201123 and later; QTS 4.3.6.1620 Build 20210322 and later; QTS 4.3.4.1632 Build 20210324 and later; QTS 4.3.3.1624 Build 20210416 and later; QTS 4.2.6 Build 20210327 and later; QuTS hero h4.5.1.1491 build 20201119 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77,CWE-78,CWE-77,

Products Affected

Vendor Product Version
qnap qts 4.3.4.0526
qnap qts 4.3.4.1282
qnap qts 4.3.4.0370
qnap qts 4.3.3.1432
qnap qts 4.3.6.0944
qnap qts 4.3.4.0561
qnap qts 4.3.4.1463
qnap qts 4.3.3.0174
qnap qts 4.3.4.0506
qnap qts 4.3.6.1263
qnap qts 4.3.6.1446
qnap qts 4.2.6
qnap qts 4.3.4.1190
qnap qts 4.5.1.1456
qnap qts 4.3.6.1070
qnap quts_hero h4.5.1
qnap qts 4.3.3.1161
qnap qts 4.3.6.0895
qnap qts 4.3.4.0374
qnap qts 4.3.4.1082
qnap qts 4.3.6.0959
qnap qts 4.3.4.0899
qnap qts 4.3.4.0435
qnap qts 4.3.6.0923
qnap qts 4.5.2
qnap qts 4.3.4.0372
qnap qts 4.3.4.0387
qnap qts 4.3.4.0411
qnap qts 4.3.6.1033
qnap qts 4.3.4.1417
qnap qts 4.3.4.0516
qnap qts 4.3.6.0993
qnap qts 4.3.3.1315
qnap qts 4.3.4.0483
qnap qts 4.3.6.0907
qnap qts 4.3.6.0979
qnap qts 4.3.4.0358
qnap quts_hero h4.5.1.1472
qnap qts 4.3.6.1286
qnap qts 4.5.1
qnap qts 4.5.1.1480
qnap qts 4.3.4.0434
qnap qts 4.3.4.0486
qnap qts 4.5.1.1465
qnap qts 4.3.3.0998
qnap qts 4.3.6.1013
qnap qts 4.3.6.1411
qnap qts 4.5.1.1461
qnap qts 4.3.4.0593
qnap qts 4.3.6.1218
qnap qts 4.3.4.0451
qnap qts 4.3.3.1252
qnap qts 4.3.4.1368
qnap qts 4.3.3.1051
qnap qts 4.3.4.0416
qnap qts 4.3.4.0569
qnap qts 4.3.3.1098
qnap qts 4.3.4.0597
qnap qts 4.3.3.0868
qnap qts 4.3.4.1029
qnap quts_hero *
qnap qts 4.3.3.1386
qnap qts 4.3.4.0551
qnap qts *
qnap qts 4.3.6.1154
qnap qts 4.3.4.0604
qnap qts 4.3.6
qnap qts 4.3.4.0427
qnap qts 4.3.4.0557
qnap qts 4.3.6.1333
CVE-2020-25847 MEDIUM

This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions of QTS and QuTS hero.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
twcert@cert.org.tw 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-77,CWE-78,CWE-77,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qts *
CVE-2020-36194 MEDIUM

An XSS vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attackers to inject malicious code. This issue affects: QNAP Systems Inc. QTS versions prior to 4.5.2.1566 Build 20210202. QNAP Systems Inc. QuTS hero versions prior to h4.5.2.1638 build 20210414. This issue does not affect: QNAP Systems Inc. QTS 4.5.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-79,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qts *
CVE-2020-36195 HIGH

An SQL injection vulnerability has been reported to affect QNAP NAS running Multimedia Console or the Media Streaming add-on. If exploited, the vulnerability allows remote attackers to obtain application information. QNAP has already fixed this vulnerability in the following versions of Multimedia Console and the Media Streaming add-on: QTS 4.3.3: Media Streaming add-on 430.1.8.10 and later; QTS 4.3.6: Media Streaming add-on 430.1.8.8 and later; QTS 4.4.x and later: Multimedia Console 1.3.4 and later. We have also fixed this vulnerability in the following versions of QTS 4.3.3 and QTS 4.3.6, respectively: QTS 4.3.3.1624 Build 20210416 or later; QTS 4.3.6.1620 Build 20210322 or later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,CWE-89,CWE-943,CWE-89,

Products Affected

Vendor Product Version
qnap qts 4.3.3.0154
qnap qts 4.3.3.1432
qnap qts 4.3.3.0229
qnap qts 4.3.3.0418
qnap qts 4.3.6.0944
qnap qts 4.3.3.0546
qnap qts 4.3.3.0416
qnap qts 4.3.3.0174
qnap qts 4.3.6.1263
qnap qts 4.3.6.1446
qnap qts 4.3.3.0404
qnap qts 4.3.3
qnap qts 4.3.3.0238
qnap qts 4.3.6.1070
qnap qts 4.3.3.0096
qnap qts 4.3.3.1161
qnap qts 4.3.3.0299
qnap qts 4.3.6.0895
qnap qts 4.3.3.0353
qnap qts 4.3.6.0959
qnap qts 4.3.3.0262
qnap qts 4.3.6.0923
qnap qts 4.3.3.0570
qnap qts 4.3.6.1033
qnap media_streaming_add-on *
qnap qts 4.3.6.0993
qnap qts 4.3.3.1315
qnap qts 4.3.3.0188
qnap qts 4.3.6.0907
qnap qts 4.3.6.0979
qnap qts 4.3.6.1286
qnap qts 4.3.3.0210
qnap qts 4.3.3.0095
qnap qts 4.3.3.0998
qnap qts 4.3.6.1013
qnap qts 4.3.6.1411
qnap qts 4.3.6.1218
qnap qts 4.3.3.0136
qnap qts 4.3.3.0351
qnap qts 4.3.3.1252
qnap qts 4.3.3.0448
qnap qts 4.3.3.1051
qnap multimedia_console *
qnap qts 4.3.3.1098
qnap qts 4.3.3.0361
qnap qts 4.3.3.0378
qnap qts 4.3.3.0868
qnap qts 4.3.3.1386
qnap qts 4.3.3.0369
qnap qts 4.3.3.0396
qnap qts *
qnap qts 4.3.6.1154
qnap qts 4.3.6
qnap qts 4.3.6.1333
qnap qts 4.3.3.0514
CVE-2020-36196 MEDIUM

A stored XSS vulnerability has been reported to affect QNAP NAS running QuLog Center. If exploited, this vulnerability allows attackers to inject malicious code. This issue affects: QNAP Systems Inc. QuLog Center versions prior to 1.2.0.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-80,CWE-79,

Products Affected

Vendor Product Version
qnap qulog_center *
CVE-2020-36197 MEDIUM

An improper access control vulnerability has been reported to affect earlier versions of Music Station. If exploited, this vulnerability allows attackers to compromise the security of the software by gaining privileges, reading sensitive information, executing commands, evading detection, etc. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.3.16 on QTS 4.5.2; versions prior to 5.2.10 on QTS 4.3.6; versions prior to 5.1.14 on QTS 4.3.3; versions prior to 5.3.16 on QuTS hero h4.5.2; versions prior to 5.3.16 on QuTScloud c4.5.4.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
security@qnapsecurity.com.tw 7.1 HIGH CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H 2.8 4.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,CWE-22,

Products Affected

Vendor Product Version
qnap music_station *
CVE-2020-36198 HIGH

A command injection vulnerability has been reported to affect certain versions of Malware Remover. If exploited, this vulnerability allows remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Malware Remover versions prior to 4.6.1.0. This issue does not affect: QNAP Systems Inc. Malware Remover 3.x.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9
security@qnapsecurity.com.tw 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77,CWE-78,CWE-78,

Products Affected

Vendor Product Version
qnap malware_remover *
CVE-2021-28797 HIGH

A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveillance Station 5.1.5.4.3 (and later) for ARM CPU NAS (64bit OS) and x86 CPU NAS (64bit OS); Surveillance Station 5.1.5.3.3 (and later) for ARM CPU NAS (32bit OS) and x86 CPU NAS (32bit OS).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
security@qnapsecurity.com.tw 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-121,CWE-787,

Products Affected

Vendor Product Version
qnap surveillance_station *
CVE-2021-28798 MEDIUM

A relative path traversal vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attackers to modify files that impact system integrity. QNAP have already fixed this vulnerability in the following versions: QTS 4.5.2.1630 Build 20210406 and later; QTS 4.3.6.1663 Build 20210504 and later; QTS 4.3.3.1624 Build 20210416 and later; QuTS hero h4.5.2.1638 Build 20210414 and later. QNAP NAS running QTS 4.5.3 are not affected.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6
security@qnapsecurity.com.tw 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-23,CWE-284,CWE-22,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qts *
CVE-2021-28799 HIGH

An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync). If exploited, the vulnerability allows remote attackers to log in to a device. This issue affects: QNAP Systems Inc. HBS 3 versions prior to v16.0.0415 on QTS 4.5.2; versions prior to v3.0.210412 on QTS 4.3.6; versions prior to v3.0.210411 on QTS 4.3.4; versions prior to v3.0.210411 on QTS 4.3.3; versions prior to v16.0.0419 on QuTS hero h4.5.1; versions prior to v16.0.0419 on QuTScloud c4.5.1~c4.5.4. This issue does not affect: QNAP Systems Inc. HBS 2. QNAP Systems Inc. HBS 1.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 10.0 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 3.9 6.0
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-285,NVD-CWE-Other,

Products Affected

Vendor Product Version
qnap hybrid_backup_sync *
CVE-2021-28800 HIGH

A command injection vulnerability has been reported to affect QNAP NAS running legacy versions of QTS. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. This issue affects: QNAP Systems Inc. QTS versions prior to 4.3.6.1663 Build 20210504; versions prior to 4.3.3.1624 Build 20210416. This issue does not affect: QNAP Systems Inc. QTS 4.5.3. QNAP Systems Inc. QuTS hero h4.5.3. QNAP Systems Inc. QuTScloud c4.5.5.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
security@qnapsecurity.com.tw 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
qnap qts *
CVE-2021-28801 MEDIUM

An out-of-bounds read vulnerability has been reported to affect certain QNAP switches running QSS. If exploited, this vulnerability allows attackers to read sensitive information on the system. This issue affects: QNAP Systems Inc. QSS versions prior to 1.0.2 build 20210122 on QSW-M2108-2C; versions prior to 1.0.2 build 20210122 on QSW-M2108-2S; versions prior to 1.0.2 build 20210122 on QSW-M2108R-2C.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 3.1 LOW CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N 1.6 1.4
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
qnap qss *
CVE-2021-28802 HIGH

A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. This issue affects: QNAP Systems Inc. QTS versions prior to 4.5.1.1540 build 20210107. QNAP Systems Inc. QuTS hero versions prior to h4.5.1.1582 build 20210217.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qts *
CVE-2021-28803 LOW

This issue affects: QNAP Systems Inc. Q'center versions prior to 1.11.1004.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-80,CWE-79,

Products Affected

Vendor Product Version
qnap q'center *
CVE-2021-28804 HIGH

A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. This issue affects: QNAP Systems Inc. QTS versions prior to 4.5.1.1540 build 20210107. QNAP Systems Inc. QuTS hero versions prior to h4.5.1.1582 build 20210217.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qts *
CVE-2021-28805 LOW

Inclusion of sensitive information in the source code has been reported to affect certain QNAP switches running QSS. If exploited, this vulnerability allows attackers to read application data. This issue affects: QNAP Systems Inc. QSS versions prior to 1.0.3 build 20210505 on QSW-M2108-2C; versions prior to 1.0.3 build 20210505 on QSW-M2108-2S; versions prior to 1.0.3 build 20210505 on QSW-M2108R-2C; versions prior to 1.0.12 build 20210506 on QSW-M408.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6
security@qnapsecurity.com.tw 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: LOW

Problem Type: CWE-540,CWE-200,

Products Affected

Vendor Product Version
qnap qss *
CVE-2021-28806 LOW

A DOM-based XSS vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attackers to inject malicious code. This issue affects: QNAP Systems Inc. QTS versions prior to 4.5.3.1652 Build 20210428. QNAP Systems Inc. QuTS hero versions prior to h4.5.2.1638 Build 20210414. QNAP Systems Inc. QuTScloud versions prior to c4.5.5.1656 Build 20210503. This issue does not affect: QNAP Systems Inc. QTS 4.3.6; 4.3.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.7 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N 2.1 3.6
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qutscloud *
qnap qts *
CVE-2021-28807 LOW

A post-authentication reflected XSS vulnerability has been reported to affect QNAP NAS running Q’center. If exploited, this vulnerability allows remote attackers to inject malicious code. QNAP have already fixed this vulnerability in the following versions of Q’center: QTS 4.5.3: Q’center v1.12.1012 and later; QTS 4.3.6: Q’center v1.10.1004 and later; QTS 4.3.3: Q’center v1.10.1004 and later; QuTS hero h4.5.2: Q’center v1.12.1012 and later; QuTScloud c4.5.4: Q’center v1.12.1012 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7
security@qnapsecurity.com.tw 7.7 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N 3.1 4.0

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
qnap q'center *
CVE-2021-28809 HIGH

An improper access control vulnerability has been reported to affect certain legacy versions of HBS 3. If exploited, this vulnerability allows attackers to compromise the security of the operating system. QNAP have already fixed this vulnerability in the following versions of HBS 3: QTS 4.3.6: HBS 3 v3.0.210507 and later; QTS 4.3.4: HBS 3 v3.0.210506 and later; QTS 4.3.3: HBS 3 v3.0.210506 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-284,CWE-306,CWE-749,

Products Affected

Vendor Product Version
qnap hybrid_backup_sync *
CVE-2021-28810 MEDIUM

If exploited, this vulnerability allows an attacker to access resources which are not otherwise accessible without proper authentication. Roon Labs has already fixed this vulnerability in the following versions: Roon Server 2021-05-18 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
security@qnapsecurity.com.tw 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-290,

Products Affected

Vendor Product Version
qnap roon_server *
CVE-2021-28812 MEDIUM

A command injection vulnerability has been reported to affect certain versions of Video Station. If exploited, this vulnerability allows remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. Video Station versions prior to 5.5.4 on QTS 4.5.2; versions prior to 5.5.4 on QuTS hero h4.5.2; versions prior to 5.5.4 on QuTScloud c4.5.4. This issue does not affect: QNAP Systems Inc. Video Station on QTS 4.3.6; on QTS 4.3.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
security@qnapsecurity.com.tw 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-77,CWE-78,CWE-1286,CWE-77,

Products Affected

Vendor Product Version
qnap video_station *
CVE-2021-28813 MEDIUM

A vulnerability involving insecure storage of sensitive information has been reported to affect QSW-M2116P-2T2S and QNAP switches running QuNetSwitch. If exploited, this vulnerability allows remote attackers to read sensitive information by accessing the unrestricted storage mechanism. We have already fixed this vulnerability in the following versions: QSW-M2116P-2T2S 1.0.6 build 210713 and later; QGD-1600P: QuNetSwitch 1.0.6.1509 and later; QGD-1602P: QuNetSwitch 1.0.6.1509 and later; QGD-3014PT: QuNetSwitch 1.0.6.1519 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
security@qnapsecurity.com.tw 9.6 CRITICAL CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H 2.8 6.0

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-259,CWE-522,CWE-798,CWE-922,

Products Affected

Vendor Product Version
qnap qunetswitch *
qnap qsw-m2116p-2t2s_firmware *
CVE-2021-28814 MEDIUM

An improper access control vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows remote attackers to compromise the security of the software. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.4.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
security@qnapsecurity.com.tw 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,NVD-CWE-Other,

Products Affected

Vendor Product Version
qnap helpdesk *
CVE-2021-28815 MEDIUM

Insecure storage of sensitive information has been reported to affect QNAP NAS running myQNAPcloud Link. If exploited, this vulnerability allows remote attackers to read sensitive information by accessing the unrestricted storage mechanism. This issue affects: QNAP Systems Inc. myQNAPcloud Link versions prior to 2.2.21 on QTS 4.5.3; versions prior to 2.2.21 on QuTS hero h4.5.2; versions prior to 2.2.21 on QuTScloud c4.5.4.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 1.2 3.6
security@qnapsecurity.com.tw 6.0 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N 1.5 4.0

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-922,

Products Affected

Vendor Product Version
qnap myqnapcloud_link *
CVE-2021-28816 MEDIUM

A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QTS, QuTScloud, QuTS hero: QTS 4.5.4.1715 build 20210630 and later QTS 5.0.0.1716 build 20210701 and later QTS 4.3.3.1693 build 20210624 and later QTS 4.3.6.1750 build 20210730 and later QuTScloud c4.5.6.1755 and later QuTS hero h4.5.4.1771 build 20210825 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
security@qnapsecurity.com.tw 7.6 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H 2.8 4.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,CWE-787,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qutscloud *
qnap qts *
CVE-2021-34343 MEDIUM

A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QTS, QuTScloud, QuTS hero: QTS 4.5.4.1715 build 20210630 and later QTS 5.0.0.1716 build 20210701 and later QuTScloud c4.5.6.1755 and later QuTS hero h4.5.4.1771 build 20210825 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
security@qnapsecurity.com.tw 6.0 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H 1.2 4.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,CWE-787,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qutscloud *
qnap qts *
CVE-2021-34344 HIGH

A stack buffer overflow vulnerability has been reported to affect QNAP device running QUSBCam2. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QUSBCam2: QTS 4.5.4: QUSBCam2 1.1.4 ( 2021/07/30 ) and later QTS 5.0: QUSBCam2 2.0.1 ( 2021/08/03 ) and later QTS 4.3.6: QUSBCam2 1.1.4 ( 2021/07/30 ) and later QTS 4.3.3: QUSBCam2 1.1.4 ( 2021/08/06 ) and later QuTS hero 4.5.3: QUSBCam2 1.1.4 ( 2021/07/30 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
security@qnapsecurity.com.tw 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,CWE-787,

Products Affected

Vendor Product Version
qnap qusbcam2 *
CVE-2021-34345 HIGH

A stack buffer overflow vulnerability has been reported to affect QNAP device running NVR Storage Expansion. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of NVR Storage Expansion: NVR Storage Expansion 1.0.6 ( 2021/08/03 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
security@qnapsecurity.com.tw 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,CWE-787,

Products Affected

Vendor Product Version
qnap tl-r1620sep-rp_firmware *
qnap tr-004_firmware *
qnap tl-r1620sdc_firmware *
qnap tl-d800c_firmware *
qnap tl-d1600s_firmware *
qnap tl-d400s_firmware *
qnap tr-002_firmware *
qnap tl-d800s_firmware *
qnap tl-r400s_firmware *
qnap tr-004u_firmware *
qnap tl-r1220sep-rp_firmware *
qnap ej1600_firmware *
qnap tl-r1200s-rp_firmware *
qnap tl-r1200c-rp_firmware *
CVE-2021-34346 HIGH

A stack buffer overflow vulnerability has been reported to affect QNAP device running NVR Storage Expansion. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of NVR Storage Expansion: NVR Storage Expansion 1.0.6 ( 2021/08/03 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,CWE-787,

Products Affected

Vendor Product Version
qnap nvr_storage_expansion_firmware *
CVE-2021-34348 HIGH

A command injection vulnerability has been reported to affect QNAP device running QVR. If exploited, this vulnerability could allow remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QVR: QVR 5.1.5 build 20210803 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
security@qnapsecurity.com.tw 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,CWE-77,

Products Affected

Vendor Product Version
qnap qvr *
CVE-2021-34349 MEDIUM

A command injection vulnerability has been reported to affect QNAP device running QVR. If exploited, this vulnerability could allow remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QVR: QVR 5.1.5 build 20210803 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-78,CWE-77,

Products Affected

Vendor Product Version
qnap qvr *
CVE-2021-34351 HIGH

A command injection vulnerability has been reported to affect QNAP device running QVR. If exploited, this vulnerability could allow remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QVR: QVR 5.1.5 build 20210803 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
security@qnapsecurity.com.tw 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,CWE-77,

Products Affected

Vendor Product Version
qnap qvr *
CVE-2021-34352 HIGH

A command injection vulnerability has been reported to affect QNAP device running QVR. If exploited, this vulnerability could allow remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QVR: QVR 5.1.5 build 20210902 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,CWE-77,

Products Affected

Vendor Product Version
qnap qvr *
CVE-2021-34354 LOW

A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Photo Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Photo Station: Photo Station 6.0.18 ( 2021/09/01 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7
security@qnapsecurity.com.tw 7.6 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N 2.3 4.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2021-34355 LOW

A cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Photo Station: Photo Station 5.4.10 ( 2021/08/19 ) and later Photo Station 5.7.13 ( 2021/08/19 ) and later Photo Station 6.0.18 ( 2021/09/01 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7
security@qnapsecurity.com.tw 7.6 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N 2.3 4.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2021-34356 LOW

A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Photo Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Photo Station: Photo Station 6.0.18 ( 2021/09/01 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7
security@qnapsecurity.com.tw 7.6 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N 2.3 4.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2021-34357 MEDIUM

A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QmailAgent. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QmailAgent: QmailAgent 3.0.2 ( 2021/08/25 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 6.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N 1.6 4.7
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
qnap qmailagent *
CVE-2021-34358 MEDIUM

We have already fixed this vulnerability in the following versions of QmailAgent: QmailAgent 3.0.2 ( 2021/08/25 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 6.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N 1.6 5.2
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
qnap qmailagent *
CVE-2021-34359 LOW

A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Proxy Server. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Proxy Server: QTS 4.5.x: Proxy Server 1.4.2 ( 2021/12/30 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 6.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N 1.7 4.7
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,CWE-79,

Products Affected

Vendor Product Version
qnap nas_proxy_server *
CVE-2021-34360 MEDIUM

A cross-site request forgery (CSRF) vulnerability has been reported to affect QNAP device running Proxy Server. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Proxy Server: QTS 4.5.x: Proxy Server 1.4.2 ( 2021/12/30 ) and later QuTS hero h5.0.0: Proxy Server 1.4.3 ( 2022/01/18 ) and later QuTScloud c4.5.6: Proxy Server 1.4.2 ( 2021/12/30 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 1.6 3.6
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,CWE-352,

Products Affected

Vendor Product Version
qnap nas_proxy_server *
CVE-2021-34361 MEDIUM

A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Proxy Server. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Proxy Server: QTS 4.5.x: Proxy Server 1.4.2 ( 2021/12/30 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7
security@qnapsecurity.com.tw 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 1.6 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-79,

Products Affected

Vendor Product Version
qnap nas_proxy_server *
CVE-2021-34362 MEDIUM

A command injection vulnerability has been reported to affect QNAP device running Media Streaming add-on. If exploited, this vulnerability allows remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of Media Streaming add-on: QTS 5.0.0: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later QTS 4.5.4: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later QTS 4.3.6: Media Streaming add-on 430.1.8.12 ( 2021/08/20 ) and later QTS 4.3.3: Media Streaming add-on 430.1.8.12 ( 2021/09/29 ) and later QuTS-Hero 5.0.0: Media Streaming add-on 500.0.0.3 ( 2021/08/20 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 8.7 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N 2.3 5.8
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-78,CWE-77,

Products Affected

Vendor Product Version
qnap media_streaming_add-on *
CVE-2021-38674 MEDIUM

A cross-site scripting (XSS) vulnerability has been reported to affect QTS, QuTS hero and QuTScloud. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QTS, QuTS hero and QuTScloud: QuTS hero h4.5.4.1771 build 20210825 and later QTS 4.5.4.1787 build 20210910 and later QuTScloud c4.5.7.1864 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7
security@qnapsecurity.com.tw 4.2 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N 1.6 2.5

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-79,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qutscloud *
qnap qts *
CVE-2021-38675 LOW

A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Image2PDF. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Image2PDF: Image2PDF 2.1.5 ( 2021/08/17 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7
security@qnapsecurity.com.tw 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
qnap image2pdf *
CVE-2021-38677 MEDIUM

A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QcalAgent: QcalAgent 1.1.7 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7
security@qnapsecurity.com.tw 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 1.6 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-79,

Products Affected

Vendor Product Version
qnap qcalagent *
CVE-2021-38678 MEDIUM

An open redirect vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows attackers to redirect users to an untrusted page that contains malware. We have already fixed this vulnerability in the following versions of QcalAgent: QcalAgent 1.1.7 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-601,CWE-601,

Products Affected

Vendor Product Version
qnap qcalagent *
CVE-2021-38679 HIGH

An improper authentication vulnerability has been reported to affect QNAP NAS running Kazoo Server. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of Kazoo Server: Kazoo Server 4.11.22 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
security@qnapsecurity.com.tw 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N 3.9 2.5

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,CWE-287,

Products Affected

Vendor Product Version
qnap kazoo_server *
CVE-2021-38680 MEDIUM

A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Kazoo Server. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Kazoo Server: Kazoo Server 4.11.20 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7
security@qnapsecurity.com.tw 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 1.6 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
qnap kazoo_server *
CVE-2021-38681 MEDIUM

A reflected cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Ragic Cloud DB. If exploited, this vulnerability allows remote attackers to inject malicious code. QNAP have already disabled and removed Ragic Cloud DB from the QNAP App Center, pending a security patch from Ragic.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.3 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 1.6 3.6
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N 2.8 2.5

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
qnap ragic_cloud_db *
CVE-2021-38682 HIGH

A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 4.5.4: QVR Guard 2.1.3.0 and later QTS 5.0.0: QVR Guard 2.1.3.0 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
security@qnapsecurity.com.tw 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,CWE-787,

Products Affected

Vendor Product Version
qnap qvr_elite *
qnap qvr_guard *
qnap qvr_pro *
CVE-2021-38684 HIGH

A stack buffer overflow vulnerability has been reported to affect QNAP NAS running Multimedia Console. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of Multimedia Console: Multimedia Console 1.4.3 ( 2021/10/05 ) and later Multimedia Console 1.5.3 ( 2021/10/05 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,CWE-787,

Products Affected

Vendor Product Version
qnap multimedia_console *
qnap multimedia_console 1.5.2
CVE-2021-38685 HIGH

A command injection vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability allows remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QVR: QVR FW 5.1.6 build 20211109 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
qnap qvr *
CVE-2021-38686 MEDIUM

An improper authentication vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of QVR: QVR FW 5.1.6 build 20211109 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
qnap qvr *
CVE-2021-38687 HIGH

A stack buffer overflow vulnerability has been reported to affect QNAP NAS running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of Surveillance Station: QTS 5.0.0 (64 bit): Surveillance Station 5.2.0.4.2 ( 2021/10/26 ) and later QTS 5.0.0 (32 bit): Surveillance Station 5.2.0.3.2 ( 2021/10/26 ) and later QTS 4.3.6 (64 bit): Surveillance Station 5.1.5.4.6 ( 2021/10/26 ) and later QTS 4.3.6 (32 bit): Surveillance Station 5.1.5.3.6 ( 2021/10/26 ) and later QTS 4.3.3: Surveillance Station 5.1.5.3.6 ( 2021/10/26 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
security@qnapsecurity.com.tw 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
qnap surveillance_station *
CVE-2021-38688 MEDIUM

An improper authentication vulnerability has been reported to affect Android App Qfile. If exploited, this vulnerability allows attackers to compromise the app and access information. We have already fixed this vulnerability in the following versions of Qfile: Qfile 3.0.0.1105 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 7.1 HIGH CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.2 5.9
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
qnap qfile *
CVE-2021-38689 HIGH

A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
security@qnapsecurity.com.tw 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,CWE-787,

Products Affected

Vendor Product Version
qnap qvr_elite *
qnap qvr_guard *
qnap qvr_pro *
CVE-2021-38690 HIGH

A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,CWE-787,

Products Affected

Vendor Product Version
qnap qvr_elite *
qnap qvr_guard *
qnap qvr_pro *
CVE-2021-38691 HIGH

A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
security@qnapsecurity.com.tw 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,CWE-787,

Products Affected

Vendor Product Version
qnap qvr_elite *
qnap qvr_guard *
qnap qvr_pro *
CVE-2021-38692 HIGH

A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
security@qnapsecurity.com.tw 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,CWE-787,

Products Affected

Vendor Product Version
qnap qvr_elite *
qnap qvr_guard *
qnap qvr_pro *
CVE-2021-38693 MEDIUM

A path traversal vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero, QTS, QVR Pro Appliance. If exploited, this vulnerability allows attackers to read the contents of unexpected files and expose sensitive data. We have already fixed this vulnerability in the following versions of QuTScloud, QuTS hero, QTS, QVR Pro Appliance: QuTScloud c5.0.1.1949 and later QuTS hero h5.0.0.1949 build 20220215 and later QuTS hero h4.5.4.1951 build 20220218 and later QTS 5.0.0.1986 build 20220324 and later QTS 4.5.4.1991 build 20220329 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,CWE-22,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qutscloud *
qnap qts *
CVE-2021-44051 MEDIUM

A command injection vulnerability has been reported to affect QNAP NAS running QuTScloud, QuTS hero and QTS. If exploited, this vulnerability allows remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QuTScloud, QuTS hero and QTS: QuTScloud c5.0.1.1949 and later QuTS hero h5.0.0.1986 build 20220324 and later QTS 5.0.0.1986 build 20220324 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
security@qnapsecurity.com.tw 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-77,CWE-77,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qutscloud *
qnap qts *
qnap qts 4.2.6
CVE-2021-44052 MEDIUM

An improper link resolution before file access ('Link Following') vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero, and QTS. If exploited, this vulnerability allows remote attackers to traverse the file system to unintended locations and read or overwrite the contents of unexpected files. We have already fixed this vulnerability in the following versions of QuTScloud, QuTS hero, and QTS: QuTScloud c5.0.1.1998 and later QuTS hero h4.5.4.1971 build 20220310 and later QuTS hero h5.0.0.1986 build 20220324 and later QTS 4.3.4.1976 build 20220303 and later QTS 4.3.3.1945 build 20220303 and later QTS 4.2.6 build 20220304 and later QTS 4.3.6.1965 build 20220302 and later QTS 5.0.0.1986 build 20220324 and later QTS 4.5.4.1991 build 20220329 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N 2.8 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-59,CWE-59,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qutscloud *
qnap qts *
qnap qts 4.2.6
CVE-2021-44053 MEDIUM

A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QTS, QuTS hero and QuTScloud. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QTS, QuTS hero and QuTScloud: QTS 4.5.4.1991 build 20220329 and later QTS 5.0.0.1986 build 20220324 and later QuTS hero h5.0.0.1986 build 20220324 and later QuTS hero h4.5.4.1971 build 20220310 and later QuTScloud c5.0.1.1949 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7
security@qnapsecurity.com.tw 5.7 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N 2.1 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-79,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qutscloud *
qnap qts *
qnap qts 4.2.6
CVE-2021-44054 MEDIUM

An open redirect vulnerability has been reported to affect QNAP devices running QuTScloud, QuTS hero and QTS. If exploited, this vulnerability allows attackers to redirect users to an untrusted page that contains malware. We have already fixed this vulnerability in the following versions of QuTScloud, QuTS hero and QTS: QuTScloud c5.0.1.1949 and later; QuTS hero h5.0.0.1949 build 20220215 and later; QuTS hero h4.5.4.1951 build 20220218 and later; QTS 5.0.0.1986 build 20220324 and later; QTS 4.5.4.1991 build 20220329 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-601,CWE-601,

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qutscloud *
qnap qts *
qnap qts 4.2.6
CVE-2021-44055 HIGH

A missing authorization vulnerability has been reported to affect QNAP devices running Video Station. If exploited, this vulnerability allows remote attackers to access data or perform actions that they should not be allowed to perform. We have already fixed this vulnerability in the following versions of Video Station: Video Station 5.5.9 (2022/02/16) and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-862,CWE-862,

Products Affected

Vendor Product Version
qnap video_station *
CVE-2021-44056 HIGH

An improper authentication vulnerability has been reported to affect QNAP devices running Video Station. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of Video Station: Video Station 5.5.9 and later; Video Station 5.3.13 and later; Video Station 5.1.8 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
security@qnapsecurity.com.tw 7.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N 2.8 4.2

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,CWE-287,

Products Affected

Vendor Product Version
qnap video_station *
CVE-2021-44057 HIGH

An improper authentication vulnerability has been reported to affect QNAP devices running Photo Station. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of Photo Station: Photo Station 6.0.20 (2022/02/15) and later; Photo Station 5.7.16 (2022/02/11) and later; Photo Station 5.4.13 (2022/02/11) and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
security@qnapsecurity.com.tw 7.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N 2.8 4.2

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,CWE-287,

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2022-27588 HIGH

We have already fixed this vulnerability in the following versions of QVR: QVR 5.1.6 build 20220401 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
security@qnapsecurity.com.tw 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77,CWE-77,

Products Affected

Vendor Product Version
qnap qvr *
CVE-2022-27593

An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, this could allow an attacker to modify system files. We have already fixed the vulnerability in the following versions: QTS 5.0.1: Photo Station 6.1.2 and later; QTS 5.0.0/4.5.x: Photo Station 6.0.22 and later; QTS 4.3.6: Photo Station 5.7.18 and later; QTS 4.3.3: Photo Station 5.4.15 and later; QTS 4.2.6: Photo Station 5.2.14 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 10.0 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H 3.9 6.0
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H 3.9 5.2

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2022-27595

An insecure library loading vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local attackers who have gained user access to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: QVPN Windows 2.0.0.1316 and later; QVPN Windows 2.0.0.1310 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
qnap qvpn *
CVE-2022-27596

A vulnerability has been reported to affect QNAP devices running QuTS hero, QTS. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QuTS hero, QTS: QuTS hero h5.0.1.2248 build 20221215 and later; QTS 5.0.1.2234 build 20221201 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qts *
CVE-2022-27597

A vulnerability has been reported to affect QNAP operating systems. If exploited, the out-of-bounds read vulnerability allows remote authenticated administrators to get secret values. The vulnerability affects the following QNAP operating systems: QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances). We have already fixed the vulnerability in the following versions: QTS 5.0.1.2346 build 20230322 and later; QuTS hero h5.0.1.2348 build 20230324 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 2.8 1.4
security@qnapsecurity.com.tw 2.7 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N 1.2 1.4

Products Affected

Vendor Product Version
qnap qutscloud -
qnap qvp-21a_firmware -
qnap quts_hero *
qnap qvp-41a_firmware -
qnap qvr -
qnap qvp-85b_firmware -
qnap qvp-85a_firmware -
qnap qts *
qnap qvp-41b_firmware -
qnap qvp-63b_firmware -
qnap qvp-63a_firmware -
CVE-2022-27598

A vulnerability has been reported to affect QNAP operating systems. If exploited, the out-of-bounds read vulnerability allows remote authenticated administrators to get secret values. The vulnerability affects the following QNAP operating systems: QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances). We have already fixed the vulnerability in the following versions: QTS 5.0.1.2346 build 20230322 and later; QuTS hero h5.0.1.2348 build 20230324 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 2.7 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N 1.2 1.4
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
qnap qutscloud -
qnap qvp-21a_firmware -
qnap quts_hero *
qnap qvp-41a_firmware -
qnap qvp-85b_firmware -
qnap qvp-85a_firmware -
qnap qts *
qnap qvp-41b_firmware -
qnap qvp-63b_firmware -
qnap qvp-63a_firmware -
CVE-2022-27599

An insertion of sensitive information into Log file vulnerability has been reported to affect product. If exploited, the vulnerability possibly provides local authenticated administrators with an additional, less-protected path to acquiring the information via unspecified vectors. We have already fixed the vulnerability in the following version: Windows 10 SP1, Windows 11, Mac OS, and Mac M1: QVR Pro Client 2.3.0.0420 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6
security@qnapsecurity.com.tw 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
qnap qvr_pro_client *
CVE-2022-27600

An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2277 and later; QTS 4.5.4.2280 build 20230112 and later; QuTS hero h5.0.1.2277 build 20230112 and later; QuTS hero h4.5.4.2374 build 20230417 and later; QuTScloud c5.0.1.2374 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 6.8 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H 2.2 4.0

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qutscloud *
qnap qts *
qnap qts 5.0.1.2277
qnap qts 4.5.4.2280
qnap quts_hero h4.5.4.2374
qnap quts_hero h5.0.1.2277
CVE-2023-23354

A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following versions: QuLog Center 1.5.0.738 (2023/03/06) and later; QuLog Center 1.4.1.691 (2023/03/01) and later; QuLog Center 1.3.1.645 (2023/02/22) and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 7.3 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N 2.1 5.2

Products Affected

Vendor Product Version
qnap qulog_center *
CVE-2023-23355

An OS command injection vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote authenticated administrators to execute commands via unspecified vectors. QES is not affected. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2346 build 20230322 and later; QTS 4.5.4.2374 build 20230416 and later; QuTS hero h5.0.1.2348 build 20230324 and later; QuTS hero h4.5.4.2374 build 20230417 and later; QuTScloud c5.0.1.2374 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
security@qnapsecurity.com.tw 6.6 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L 2.3 3.7

Products Affected

Vendor Product Version
qnap qutscloud -
qnap qvp-21a_firmware -
qnap quts_hero *
qnap qvp-41a_firmware -
qnap qvr -
qnap qvp-85b_firmware -
qnap qvp-85a_firmware -
qnap qts *
qnap qvp-41b_firmware -
qnap qvp-63b_firmware -
qnap qvp-63a_firmware -
CVE-2023-23356

A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QuFirewall 2.3.3 (2023/03/27) and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N 2.3 2.7

Products Affected

Vendor Product Version
qnap qufirewall *
CVE-2023-23357

A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following versions: QuLog Center 1.5.0.738 (2023/03/06) and later; QuLog Center 1.4.1.691 (2023/03/01) and later; QuLog Center 1.3.1.645 (2023/02/22) and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 4.8 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N 1.7 2.7

Products Affected

Vendor Product Version
qnap qulog_center *
CVE-2023-23362

An OS command injection vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability allows remote authenticated users to execute commands via susceptible QNAP devices. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2376 build 20230421 and later; QTS 4.5.4.2374 build 20230416 and later; QuTS hero h5.0.1.2376 build 20230421 and later; QuTS hero h4.5.4.2374 build 20230417 and later; QuTScloud c5.0.1.2374 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qutscloud *
qnap qts *
CVE-2023-23363

A buffer copy without checking size of input vulnerability has been reported to affect QNAP operating system. If exploited, the vulnerability possibly allows remote users to execute code via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 4.3.6.2441 build 20230621 and later; QTS 4.3.3.2420 build 20230621 and later; QTS 4.2.6 build 20230621 and later; QTS 4.3.4.2451 build 20230621 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
qnap qts *
CVE-2023-23364

A buffer copy without checking size of input vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote users to execute code via unspecified vectors. We have already fixed the vulnerability in the following versions: Multimedia Console 2.1.1 (2023/03/29) and later; Multimedia Console 1.4.7 (2023/03/20) and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
security@qnapsecurity.com.tw 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

Products Affected

Vendor Product Version
qnap multimedia_console *
CVE-2023-23365

A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: Music Station 5.3.22 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6
security@qnapsecurity.com.tw 7.7 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N 3.1 4.0

Products Affected

Vendor Product Version
qnap music_station *
CVE-2023-23366

A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: Music Station 5.3.22 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6
security@qnapsecurity.com.tw 7.7 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N 3.1 4.0

Products Affected

Vendor Product Version
qnap music_station *
CVE-2023-23367

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2376 build 20230421 and later; QuTS hero h5.0.1.2376 build 20230421 and later; QuTScloud c5.1.0.2498 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 4.7 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L 1.2 3.4
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.0.1.2192
qnap qutscloud c5.0.1.2044
qnap quts_hero h5.0.1.2045
qnap qutscloud c5.0.1.1949
qnap qts 5.0.1.2173
qnap qts 5.0.0.1716
qnap qts 5.0.0.1785
qnap qts 5.0.0.1853
qnap qts 5.0.1.2034
qnap qutscloud c5.0.1.1998
qnap quts_hero h5.0.0.1900
qnap qts 5.0.0.1850
qnap qts 5.0.1.2137
qnap qts 5.0.1.2234
qnap quts_hero h5.0.1.2248
qnap quts_hero h5.0.1.2348
qnap qts 5.0.1.2277
qnap quts_hero h5.0.0.2120
qnap qts 5.0.1.2145
qnap quts_hero h5.0.1.2269
qnap quts_hero h5.0.0.2022
qnap qts 5.0.0.1858
qnap quts_hero h5.0.1.2277
qnap quts_hero h5.0.0.1986
qnap quts_hero h5.0.0.2069
qnap qts 5.0.0.1808
qnap quts_hero h5.0.0.1856
qnap qts 5.0.0.1828
qnap qts 5.0.0.1837
qnap qts 5.0.1.2346
qnap quts_hero h5.0.0.1892
qnap qts 5.0.1.2248
qnap qutscloud c5.0.1.2148
qnap qutscloud c5.0.1.2374
qnap qts 5.0.0.1870
qnap qts 5.0.1.2131
qnap qts 5.0.1.2194
qnap quts_hero h5.0.0.1772
qnap quts_hero h5.0.0.1949
qnap qutscloud c5.0.0.1919
qnap qts 5.0.1.2079
qnap quts_hero h5.0.0.1844
CVE-2023-23368

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2376 build 20230421 and later; QTS 4.5.4.2374 build 20230416 and later; QuTS hero h5.0.1.2376 build 20230421 and later; QuTS hero h4.5.4.2374 build 20230417 and later; QuTScloud c5.0.1.2374 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
security@qnapsecurity.com.tw 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.0.1.2192
qnap qutscloud c5.0.1.2044
qnap quts_hero h4.5.4.1848
qnap quts_hero h5.0.1.2045
qnap qts 4.5.4.2280
qnap quts_hero h4.5.4.1813
qnap quts_hero h4.5.4.1892
qnap qutscloud c5.0.1.1949
qnap qts 5.0.1.2173
qnap quts_hero h4.5.4.1951
qnap quts_hero h4.5.4.1991
qnap quts_hero h4.5.4.1971
qnap qts 5.0.1.2034
qnap qutscloud c5.0.1.1998
qnap qts 4.5.4.1787
qnap quts_hero h4.5.4.2217
qnap qts 4.5.4.1741
qnap qts 4.5.4.1931
qnap qts 5.0.1.2137
qnap qts 5.0.1.2234
qnap quts_hero h5.0.1.2248
qnap quts_hero h4.5.4.2138
qnap quts_hero h5.0.1.2348
qnap qts 5.0.1.2277
qnap qts 5.0.1.2145
qnap qts 4.5.4.2117
qnap quts_hero h5.0.1.2269
qnap qts 5.0.1
qnap qts 4.5.4.2012
qnap qts 4.5.4.1715
qnap quts_hero h5.0.1.2277
qnap quts_hero h4.5.4.2052
qnap quts_hero h4.5.4.1800
qnap qts 5.0.1.2346
qnap qts 5.0.1.2248
qnap qutscloud c5.0.1.2148
qnap qts 4.5.4.1800
qnap qts 4.5.4.1892
qnap qts 4.5.4
qnap quts_hero h4.5.4.2272
qnap qts 5.0.1.2131
qnap qts 5.0.1.2194
qnap qts 4.5.4.1723
qnap qts 5.0.1.2079
qnap quts_hero h4.5.4.1771
CVE-2023-23369

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: Multimedia Console 2.1.2 (2023/05/04) and later; Multimedia Console 1.4.8 (2023/05/05) and later; QTS 5.1.0.2399 build 20230515 and later; QTS 4.3.6.2441 build 20230621 and later; QTS 4.3.4.2451 build 20230621 and later; QTS 4.3.3.2420 build 20230621 and later; QTS 4.2.6 build 20230621 and later; Media Streaming add-on 500.1.1.2 (2023/06/12) and later; Media Streaming add-on 500.0.0.11 (2023/06/16) and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 9.0 CRITICAL CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H 2.2 6.0
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
qnap qts 4.3.4.1282
qnap qts 4.3.3.1677
qnap qts 4.3.3.2057
qnap qts 4.3.3.1432
qnap qts 4.3.6.1750
qnap qts 4.3.4.1976
qnap qts 4.3.6.0944
qnap qts 4.3.4.2107
qnap qts 4.3.6.2232
qnap qts 4.3.4.1463
qnap qts 4.3.3.0174
qnap multimedia_console 1.4.3
qnap qts 4.3.6.1263
qnap qts 4.3.6.1446
qnap qts 4.2.6
qnap qts 4.3.4.1190
qnap qts 4.3.6.1070
qnap qts 4.3.3.1161
qnap qts 4.3.6.1663
qnap media_streaming_add-on 500.0.0.7
qnap qts 4.3.6.0895
qnap media_streaming_add-on 500.0.0.3
qnap qts 4.3.4.1082
qnap qts 4.3.6.0959
qnap multimedia_console 1.4.5
qnap qts 4.3.4.0899
qnap qts 4.3.6.2050
qnap media_streaming_add-on 500.0.0.6
qnap qts 4.3.6.0923
qnap qts 4.3.6.1620
qnap media_streaming_add-on 500.0.0.5
qnap qts 4.3.4.1632
qnap qts 4.3.4.1652
qnap qts 5.1.0.2348
qnap qts 4.3.6.1033
qnap qts 4.3.3.1693
qnap qts 4.3.4.1417
qnap qts 4.3.6.0993
qnap qts 4.3.3.1315
qnap qts 4.3.6.0907
qnap qts 4.3.6.0979
qnap qts 4.3.6.1286
qnap multimedia_console 2.1.1
qnap media_streaming_add-on 500.1.1.1
qnap qts 4.3.3.2211
qnap qts 4.3.3.1799
qnap media_streaming_add-on 500.0.0.1
qnap media_streaming_add-on 500.1.1.0
qnap media_streaming_add-on 500.0.0.10
qnap qts 4.3.3.0998
qnap qts 4.3.6.1013
qnap qts 4.3.6.1411
qnap multimedia_console 1.4.6
qnap qts 4.3.4.2242
qnap qts 4.3.6.1831
qnap qts 4.3.6.1965
qnap qts 4.3.6.1218
qnap qts 4.3.3.1624
qnap media_streaming_add-on 500.0.0.0
qnap qts 4.3.3.1252
qnap qts 4.3.4.1368
qnap qts 4.3.3.1051
qnap qts 4.3.3.1945
qnap multimedia_console 1.4.7
qnap qts 4.3.3.1098
qnap multimedia_console 2.1.0
qnap qts 4.3.3.0868
qnap qts 4.3.4.1029
qnap media_streaming_add-on 500.0.0.4
qnap qts 4.3.3.1386
qnap media_streaming_add-on 500.0.0.9
qnap qts 4.3.3.1864
qnap media_streaming_add-on 500.0.0.8
qnap qts 4.3.6.1154
qnap qts 4.3.6.1711
qnap qts 4.3.6.1907
qnap qts 4.3.6.1333
qnap multimedia_console 1.4.4
CVE-2023-23370

An insufficiently protected credentials vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to gain access to user accounts and access sensitive data used by the user account via unspecified vectors. We have already fixed the vulnerability in the following version: QVPN Windows 2.1.0.0518 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6
security@qnapsecurity.com.tw 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:N 1.5 4.7

Products Affected

Vendor Product Version
qnap qvpn *
CVE-2023-23371

A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to read sensitive data via unspecified vectors. We have already fixed the vulnerability in the following version: QVPN Windows 2.2.0.0823 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L 1.1 3.7
nvd@nist.gov 4.4 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 0.8 3.6

Products Affected

Vendor Product Version
qnap qvpn *
CVE-2023-23372

A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later; QTS 5.1.0.2444 build 20230629 and later; QTS 4.5.4.2467 build 20230718 and later; QuTS hero h5.1.0.2424 build 20230609 and later; QuTS hero h5.0.1.2515 build 20230907 and later; QuTS hero h4.5.4.2476 build 20230728 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N 2.8 3.6
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
qnap quts_hero h5.0.1.2192
qnap quts_hero h4.5.4.1848
qnap quts_hero h5.0.1.2045
qnap qts 4.5.4.2280
qnap qts 5.1.0.2399
qnap quts_hero h4.5.4.1813
qnap quts_hero h4.5.4.1892
qnap quts_hero h4.5.4.2374
qnap qts 5.0.1.2173
qnap quts_hero h4.5.4.1951
qnap quts_hero h4.5.4.1991
qnap quts_hero h4.5.4.1971
qnap qts 5.0.1.2034
qnap quts_hero h5.1.0.2409
qnap qts 4.5.4.1787
qnap quts_hero h4.5.4.2217
qnap qts 4.5.4.1741
qnap qts 4.5.4.1931
qnap qts 5.0.1.2137
qnap qts 5.1.0.2418
qnap qts 5.0.1.2234
qnap quts_hero h5.0.1.2248
qnap quts_hero h4.5.4.2138
qnap quts_hero h5.0.1.2348
qnap qts 5.0.1.2277
qnap qts 5.0.1.2376
qnap qts 5.0.1.2145
qnap qts 4.5.4.2117
qnap quts_hero h5.0.1.2269
qnap qts 4.5.4.2012
qnap qts 4.5.4.1715
qnap quts_hero h5.0.1.2277
qnap quts_hero h4.5.4.2052
qnap quts_hero h4.5.4.1800
qnap qts 5.0.1.2346
qnap qts 5.0.1.2248
qnap qts 4.5.4.1800
qnap qts 4.5.4.1892
qnap quts_hero h4.5.4.2272
qnap qts 5.0.1.2131
qnap qts 5.0.1.2194
qnap qts 4.5.4.1723
qnap qts 4.5.4.2374
qnap qts 5.1.0.2348
qnap qts 5.0.1.2079
qnap quts_hero h4.5.4.1771
qnap quts_hero h5.0.1.2376
CVE-2023-23373

An OS command injection vulnerability has been reported to affect QUSBCam2. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following version: QUSBCam2 2.0.3 (2023/06/15) and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
security@qnapsecurity.com.tw 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap qusbcam2 *
CVE-2023-32967

An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to bypass intended access restrictions via a network. QTS 5.x, QuTS hero are not affected. We have already fixed the vulnerability in the following versions: QuTScloud c5.1.5.2651 and later; QTS 4.5.4.2627 build 20231225 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N 2.8 3.6
security@qnapsecurity.com.tw 5.0 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N 3.1 1.4

Products Affected

Vendor Product Version
qnap qts 4.5.4.2280
qnap qts 4.5.4.2627
qnap qts 4.5.4.1800
qnap qts 4.5.4.1892
qnap qts 4.5.4.1787
qnap qts 4.5.4.1723
qnap qts 4.5.4.1741
qnap qts 4.5.4.1931
qnap qts 4.5.4.2374
qnap qts 4.5.4.2117
qnap qts 4.5.4.2012
qnap qts 4.5.4.1715
qnap qutscloud c5.1.0.2498
CVE-2023-32968

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2514 build 20230906 and later; QTS 5.1.2.2533 build 20230926 and later; QuTS hero h5.0.1.2515 build 20230907 and later; QuTS hero h5.1.2.2534 build 20230927 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
security@qnapsecurity.com.tw 4.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H 0.9 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.0.1.2192
qnap quts_hero h5.0.1.2045
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.0.1.2173
qnap qts 5.0.1.2034
qnap quts_hero h5.1.0.2409
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.0.1.2137
qnap qts 5.1.0.2418
qnap qts 5.0.1.2234
qnap quts_hero h5.0.1.2248
qnap quts_hero h5.0.1.2348
qnap qts 5.0.1.2277
qnap qts 5.0.1.2376
qnap qts 5.0.1.2145
qnap quts_hero h5.0.1.2269
qnap quts_hero h5.0.1.2277
qnap quts_hero h5.1.0.2424
qnap qts 5.0.1.2346
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap qts 5.0.1.2248
qnap quts_hero h5.1.0.2466
qnap qts 5.0.1.2131
qnap qts 5.0.1.2194
qnap qts 5.1.0.2348
qnap qts 5.0.1.2079
qnap qts 5.0.1.2425
qnap quts_hero h5.0.1.2376
CVE-2023-32969

A cross-site scripting (XSS) vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QuTScloud c5.1.5.2651 and later; QTS 5.1.4.2596 build 20231128 and later; QuTS hero h5.1.4.2596 build 20231128 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 1.2 3.6

Products Affected

Vendor Product Version
qnap qts 5.1.4.2596
qnap quts_hero *
qnap qutscloud *
qnap quts_hero h5.1.4.2596
qnap qts *
CVE-2023-32970

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. QES is not affected. We have already fixed the vulnerability in the following versions: QuTS hero h5.0.1.2515 build 20230907 and later; QuTS hero h5.1.0.2453 build 20230708 and later; QuTS hero h4.5.4.2476 build 20230728 and later; QuTScloud c5.1.0.2498 and later; QTS 5.1.0.2444 build 20230629 and later; QTS 4.5.4.2467 build 20230718 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qutscloud *
qnap qts *
CVE-2023-32971

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later; QTS 5.1.0.2444 build 20230629 and later; QTS 4.5.4.2467 build 20230718 and later; QuTS hero h5.0.1.2515 build 20230907 and later; QuTS hero h5.1.0.2424 build 20230609 and later; QuTS hero h4.5.4.2476 build 20230728 and later; QuTScloud c5.1.0.2498 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 3.8 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L 1.2 2.5
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qutscloud *
qnap qts *
CVE-2023-32972

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later; QTS 5.1.0.2444 build 20230629 and later; QTS 4.5.4.2467 build 20230718 and later; QuTS hero h5.0.1.2515 build 20230907 and later; QuTS hero h5.1.0.2424 build 20230609 and later; QuTS hero h4.5.4.2476 build 20230728 and later; QuTScloud c5.1.0.2498 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
security@qnapsecurity.com.tw 3.8 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L 1.2 2.5

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qutscloud *
qnap qts *
CVE-2023-32973

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later; QTS 5.1.0.2444 build 20230629 and later; QTS 4.5.4.2467 build 20230718 and later; QuTS hero h5.0.1.2515 build 20230907 and later; QuTS hero h5.1.0.2424 build 20230609 and later; QuTS hero h4.5.4.2476 build 20230728 and later; QuTScloud c5.1.0.2498 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
security@qnapsecurity.com.tw 3.8 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L 1.2 2.5

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qutscloud *
qnap qts *
CVE-2023-32974

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.0.2444 build 20230629 and later; QuTS hero h5.1.0.2424 build 20230609 and later; QuTScloud c5.1.0.2498 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qutscloud *
qnap qts *
CVE-2023-32975

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2514 build 20230906 and later; QTS 5.1.2.2533 build 20230926 and later; QuTS hero h5.0.1.2515 build 20230907 and later; QuTS hero h5.1.2.2534 build 20230927 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.0.1.2192
qnap quts_hero h5.0.1.2045
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.0.1.2173
qnap qts 5.0.1.2034
qnap quts_hero h5.1.0.2409
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.0.1.2137
qnap qts 5.1.0.2418
qnap qts 5.0.1.2234
qnap quts_hero h5.0.1.2248
qnap quts_hero h5.0.1.2348
qnap qts 5.0.1.2277
qnap qts 5.0.1.2376
qnap qts 5.0.1.2145
qnap quts_hero h5.0.1.2269
qnap quts_hero h5.0.1.2277
qnap quts_hero h5.1.0.2424
qnap qts 5.0.1.2346
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap qts 5.0.1.2248
qnap quts_hero h5.1.0.2466
qnap qts 5.0.1.2131
qnap qts 5.0.1.2194
qnap qts 5.1.0.2348
qnap qts 5.0.1.2079
qnap qts 5.0.1.2425
qnap quts_hero h5.0.1.2376
CVE-2023-32976

An OS command injection vulnerability has been reported to affect Container Station. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following version: Container Station 2.6.7.44 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
security@qnapsecurity.com.tw 6.6 MEDIUM CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 0.7 5.9

Products Affected

Vendor Product Version
qnap container_station *
CVE-2023-34971

An inadequate encryption strength vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows local network clients to decrypt the data using brute force attacks via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later; QTS 5.1.0.2444 build 20230629 and later; QTS 4.5.4.2467 build 20230718 and later; QuTS hero h5.1.0.2424 build 20230609 and later; QuTS hero h4.5.4.2476 build 20230728 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 7.1 HIGH CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.2 5.9
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qts *
CVE-2023-34972

A cleartext transmission of sensitive information vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows local network clients to read the contents of unexpected sensitive data via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later; QTS 5.1.0.2444 build 20230629 and later; QuTS hero h5.1.0.2424 build 20230609 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 3.5 LOW CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.1 1.4
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qts *
CVE-2023-34973

An insufficient entropy vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote users to predict secret via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later; QTS 5.1.0.2444 build 20230629 and later; QuTS hero h5.1.0.2424 build 20230609 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4
security@qnapsecurity.com.tw 3.1 LOW CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N 1.6 1.4

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qts *
CVE-2023-34975

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. QuTScloud c5.1.x is not affected. We have already fixed the vulnerability in the following versions: QuTS hero h4.5.4.2626 build 20231225 and later; QTS 4.5.4.2627 build 20231225 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
security@qnapsecurity.com.tw 6.6 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L 2.3 3.7

Products Affected

Vendor Product Version
qnap video_station *
CVE-2023-34976

A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.0 ( 2023/07/27 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
security@qnapsecurity.com.tw 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L 2.8 1.4

Products Affected

Vendor Product Version
qnap video_station *
CVE-2023-34977

A cross-site scripting (XSS) vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.0 ( 2023/07/27 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7
security@qnapsecurity.com.tw 4.6 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N 2.1 2.5

Products Affected

Vendor Product Version
qnap video_station *
CVE-2023-34980

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 4.5.4.2627 build 20231225 and later; QuTS hero h4.5.4.2626 build 20231225 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L 1.7 3.7

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qts *
qnap qts 4.5.4.2627
qnap quts_hero h4.5.4.2626
CVE-2023-39294

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later; QuTS hero h5.1.3.2578 build 20231110 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 6.6 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L 2.3 3.7
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.0.2418
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
CVE-2023-39295

An OS command injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: QuMagie 2.1.3 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap qumagie *
CVE-2023-39296

A prototype pollution vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to override existing attributes with ones that have incompatible type, which may lead to a crash via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later; QuTS hero h5.1.3.2578 build 20231110 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.0.2418
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
CVE-2023-39297

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later; QTS 4.5.4.2627 build 20231225 and later; QuTS hero h5.1.4.2596 build 20231128 and later; QuTS hero h4.5.4.2626 build 20231225 and later; QuTScloud c5.1.5.2651 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
security@qnapsecurity.com.tw 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap quts_hero h4.5.4.1848
qnap quts_hero h5.1.0.2453
qnap qts 4.5.4.2280
qnap qts 5.1.0.2399
qnap qts 4.5.4.2627
qnap quts_hero h4.5.4.1813
qnap quts_hero h4.5.4.1892
qnap quts_hero h4.5.4.2374
qnap quts_hero h4.5.4.1951
qnap quts_hero h4.5.4.1991
qnap quts_hero h4.5.4.1971
qnap quts_hero h4.5.4.2626
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap qts 4.5.4.1787
qnap quts_hero h4.5.4.2217
qnap quts_hero h5.1.3.2578
qnap qts 4.5.4.1741
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 4.5.4.1931
qnap qts 5.1.0.2418
qnap quts_hero h4.5.4.2138
qnap qts 4.5.4.2117
qnap qts 4.5.4.2012
qnap qts 4.5.4.1715
qnap quts_hero h4.5.4.2052
qnap quts_hero h4.5.4.1800
qnap quts_hero h5.1.0.2424
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap qts 4.5.4.1800
qnap qts 4.5.4.1892
qnap quts_hero h4.5.4.2272
qnap qts 4.5.4.1723
qnap qts 4.5.4.2374
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h4.5.4.2476
qnap quts_hero h4.5.4.1771
qnap quts_hero h5.1.2.2534
qnap qutscloud c5.1.0.2498
CVE-2023-39299

A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions: Music Station 4.8.11 and later; Music Station 5.1.16 and later; Music Station 5.3.23 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
qnap music_station *
CVE-2023-39301

A server-side request forgery (SSRF) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to read application data via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2514 build 20230906 and later; QTS 5.1.1.2491 build 20230815 and later; QuTS hero h5.0.1.2515 build 20230907 and later; QuTS hero h5.1.1.2488 build 20230812 and later; QuTScloud c5.1.0.2498 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 2.8 1.4
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qutscloud *
qnap qts *
CVE-2023-39302

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later; QuTS hero h5.1.3.2578 build 20231110 and later; QuTScloud c5.1.5.2651 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
security@qnapsecurity.com.tw 6.6 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L 2.3 3.7

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.0.2418
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap qutscloud c5.1.0.2498
CVE-2023-39303

An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later; QuTS hero h5.1.3.2578 build 20231110 and later; QuTScloud c5.1.5.2651 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
security@qnapsecurity.com.tw 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.0.2418
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap qutscloud c5.1.0.2498
CVE-2023-41273

A heap-based buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later; QuTS hero h5.1.2.2534 build 20230927 and later; QuTScloud c5.1.5.2651 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L 2.3 2.7
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.0.2418
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap qutscloud c5.1.0.2498
CVE-2023-41274

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later; QuTS hero h5.1.2.2534 build 20230927 and later; QuTScloud c5.1.5.2651 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L 2.3 2.7
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.0.2418
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap qutscloud c5.1.0.2498
CVE-2023-41275

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later; QuTS hero h5.1.2.2534 build 20230927 and later; QuTScloud c5.1.5.2651 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L 2.3 2.7
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.0.2418
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap qutscloud c5.1.0.2498
CVE-2023-41276

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later; QuTS hero h5.1.2.2534 build 20230927 and later; QuTScloud c5.1.5.2651 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L 2.3 2.7
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.0.2418
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap qutscloud c5.1.0.2498
CVE-2023-41277

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later; QuTS hero h5.1.2.2534 build 20230927 and later; QuTScloud c5.1.5.2651 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
security@qnapsecurity.com.tw 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L 2.3 2.7

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.0.2418
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap qutscloud c5.1.0.2498
CVE-2023-41278

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later; QuTS hero h5.1.2.2534 build 20230927 and later; QuTScloud c5.1.5.2651 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L 2.3 2.7
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.0.2418
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap qutscloud c5.1.0.2498
CVE-2023-41279

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later; QuTS hero h5.1.2.2534 build 20230927 and later; QuTScloud c5.1.5.2651 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L 2.3 2.7
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.0.2418
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap qutscloud c5.1.0.2498
CVE-2023-41280

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later; QuTS hero h5.1.2.2534 build 20230927 and later; QuTScloud c5.1.5.2651 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L 2.3 2.7
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.0.2418
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap qutscloud c5.1.0.2498
CVE-2023-41281

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later; QuTS hero h5.1.4.2596 build 20231128 and later; QuTScloud c5.1.5.2651 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
security@qnapsecurity.com.tw 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N 2.3 2.7

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 5.1.0.2418
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap qutscloud c5.1.0.2498
CVE-2023-41282

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later; QuTS hero h5.1.4.2596 build 20231128 and later; QuTScloud c5.1.5.2651 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
security@qnapsecurity.com.tw 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N 2.3 2.7

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap qts 5.1.5.2645
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 5.1.0.2418
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap quts_hero h5.1.5.2647
qnap qutscloud c5.1.0.2498
CVE-2023-41283

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later; QuTS hero h5.1.4.2596 build 20231128 and later; QuTScloud c5.1.5.2651 and later.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N 2.3 2.7
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 5.1.0.2418
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap qutscloud c5.1.0.2498
CVE-2023-41284

A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: QuMagie 2.1.4 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 7.4 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L 3.1 3.7
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap qumagie *
CVE-2023-41285

A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: QuMagie 2.1.4 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
security@qnapsecurity.com.tw 7.4 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L 3.1 3.7

Products Affected

Vendor Product Version
qnap qumagie *
CVE-2023-41287

A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
security@qnapsecurity.com.tw 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4

Products Affected

Vendor Product Version
qnap video_station *
CVE-2023-41288

An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
security@qnapsecurity.com.tw 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap video_station *
CVE-2023-41289

An OS command injection vulnerability has been reported to affect QcalAgent. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: QcalAgent 1.1.8 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
security@qnapsecurity.com.tw 6.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L 2.8 3.4

Products Affected

Vendor Product Version
qnap qcalagent *
CVE-2023-41290

A path traversal vulnerability has been reported to affect QuFirewall. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: QuFirewall 2.4.1 ( 2024/02/01 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 4.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N 2.3 1.4

Products Affected

Vendor Product Version
qnap qufirewall 2.4.0
CVE-2023-41291

A path traversal vulnerability has been reported to affect QuFirewall. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: QuFirewall 2.4.1 ( 2024/02/01 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L 2.3 2.7

Products Affected

Vendor Product Version
qnap qufirewall *
CVE-2023-41292

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later; QuTS hero h5.1.4.2596 build 20231128 and later; QuTScloud c5.1.5.2651 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 3.8 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L 1.2 2.5
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 5.1.0.2418
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap qutscloud c5.1.0.2498
CVE-2023-45025

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later; QTS 4.5.4.2627 build 20231225 and later; QuTS hero h5.1.4.2596 build 20231128 and later; QuTS hero h4.5.4.2626 build 20231225 and later; QuTScloud c5.1.5.2651 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 9.0 CRITICAL CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H 2.2 6.0
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
qnap quts_hero h4.5.4.1848
qnap quts_hero h5.1.0.2453
qnap qts 4.5.4.2280
qnap qts 5.1.0.2399
qnap qts 4.5.4.2627
qnap quts_hero h4.5.4.1813
qnap quts_hero h4.5.4.1892
qnap quts_hero h4.5.4.2374
qnap quts_hero h4.5.4.1951
qnap quts_hero h4.5.4.1991
qnap quts_hero h4.5.4.1971
qnap quts_hero h4.5.4.2626
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap qts 4.5.4.1787
qnap quts_hero h4.5.4.2217
qnap quts_hero h5.1.3.2578
qnap qts 4.5.4.1741
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 4.5.4.1931
qnap qts 5.1.0.2418
qnap quts_hero h4.5.4.2138
qnap qts 4.5.4.2117
qnap qts 4.5.4.2012
qnap qts 4.5.4.1715
qnap quts_hero h4.5.4.2052
qnap quts_hero h4.5.4.1800
qnap quts_hero h5.1.0.2424
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap qts 4.5.4.1800
qnap qts 4.5.4.1892
qnap quts_hero h4.5.4.2272
qnap qts 4.5.4.1723
qnap qts 4.5.4.2374
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h4.5.4.2476
qnap quts_hero h4.5.4.1771
qnap quts_hero h5.1.2.2534
qnap qutscloud c5.1.0.2498
CVE-2023-45026

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later; QuTS hero h5.1.5.2647 build 20240118 and later; QuTScloud c5.1.5.2651 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 1.2 3.6
security@qnapsecurity.com.tw 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L 2.3 2.7

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap qts 5.1.5.2645
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 5.1.0.2418
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap quts_hero h5.1.5.2647
qnap qutscloud c5.1.0.2498
CVE-2023-45027

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later; QuTS hero h5.1.5.2647 build 20240118 and later; QuTScloud c5.1.5.2651 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L 2.3 2.7
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap qts 5.1.5.2645
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 5.1.0.2418
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap quts_hero h5.1.5.2647
qnap qutscloud c5.1.0.2498
CVE-2023-45028

An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later; QuTS hero h5.1.5.2647 build 20240118 and later; QuTScloud c5.1.5.2651 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L 2.3 2.7
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap qts 5.1.5.2645
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 5.1.0.2418
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap quts_hero h5.1.5.2647
qnap qutscloud c5.1.0.2498
CVE-2023-45035

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later; QuTS hero h5.1.4.2596 build 20231128 and later; QuTScloud c5.1.5.2651 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
security@qnapsecurity.com.tw 3.8 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L 1.2 2.5

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 5.1.0.2418
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap qutscloud c5.1.0.2498
CVE-2023-45036

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later; QuTS hero h5.1.3.2578 build 20231110 and later; QuTScloud c5.1.5.2651 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 3.8 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L 1.2 2.5
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.0.2418
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap qutscloud c5.1.0.2498
CVE-2023-45037

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later; QuTS hero h5.1.3.2578 build 20231110 and later; QuTScloud c5.1.5.2651 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 3.8 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L 1.2 2.5
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.0.2418
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap qutscloud c5.1.0.2498
CVE-2023-45039

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later; QuTS hero h5.1.4.2596 build 20231128 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
security@qnapsecurity.com.tw 3.8 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L 1.2 2.5

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.0.2418
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
CVE-2023-45040

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later; QuTS hero h5.1.4.2596 build 20231128 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 3.8 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L 1.2 2.5
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.0.2418
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
CVE-2023-45041

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later; QuTS hero h5.1.4.2596 build 20231128 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
security@qnapsecurity.com.tw 3.8 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L 1.2 2.5

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.0.2418
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
CVE-2023-45042

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later; QuTS hero h5.1.4.2596 build 20231128 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 3.8 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L 1.2 2.5
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.0.2418
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
CVE-2023-45043

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later; QuTS hero h5.1.4.2596 build 20231128 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 3.8 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L 1.2 2.5
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.0.2418
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
CVE-2023-45044

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later; QuTS hero h5.1.4.2596 build 20231128 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
security@qnapsecurity.com.tw 3.8 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L 1.2 2.5

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.0.2418
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
CVE-2023-47218

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later; QuTS hero h5.1.5.2647 build 20240118 and later; QuTScloud c5.1.5.2651 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.8 MEDIUM CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L 1.6 3.7

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qutscloud *
qnap qts *
qnap qts 5.1.5.2645
qnap quts_hero h5.1.5.2647
CVE-2023-47219

A SQL injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: QuMagie 2.2.1 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 3.5 LOW CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N 2.1 1.4
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap qumagie 2.2.0
CVE-2023-47220

An OS command injection vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.5 ( 2024/01/22 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 6.6 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L 2.3 3.7

Products Affected

Vendor Product Version
qnap media_streaming_add-on *
CVE-2023-47221

A path traversal vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: Photo Station 6.4.2 ( 2023/12/15 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L 2.3 2.7

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2023-47222

An exposure of sensitive information vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.5 ( 2024/01/22 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 9.6 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H 2.8 6.0

Products Affected

Vendor Product Version
qnap media_streaming_add-on *
CVE-2023-47559

A cross-site scripting (XSS) vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: QuMagie 2.2.1 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7
security@qnapsecurity.com.tw 5.5 MEDIUM CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L 1.3 3.7

Products Affected

Vendor Product Version
qnap qumagie 2.2.0
CVE-2023-47560

An OS command injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: QuMagie 2.2.1 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 7.4 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L 3.1 3.7
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap qumagie 2.2.0
CVE-2023-47561

A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Photo Station 6.4.2 ( 2023/12/15 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7
security@qnapsecurity.com.tw 5.5 MEDIUM CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L 1.3 3.7

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2023-47562

An OS command injection vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: Photo Station 6.4.2 ( 2023/12/15 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
security@qnapsecurity.com.tw 7.4 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L 3.1 3.7

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2023-47564

An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the following versions: Qsync Central 4.4.0.15 ( 2024/01/04 ) and later; Qsync Central 4.3.0.11 ( 2024/01/11 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 8.0 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H 2.1 5.9
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N 2.8 5.2

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2023-47565

An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QVR Firmware 5.0.0 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 8.0 HIGH CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.1 5.9
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap qvr_firmware *
CVE-2023-47566

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later; QuTS hero h5.1.5.2647 build 20240118 and later; QuTScloud c5.1.5.2651 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
security@qnapsecurity.com.tw 6.7 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H 1.2 5.5

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap qts 5.1.5.2645
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 5.1.0.2418
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap quts_hero h5.1.5.2647
qnap qutscloud c5.1.0.2498
CVE-2023-47567

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later; QTS 4.5.4.2627 build 20231225 and later; QuTS hero h5.1.5.2647 build 20240118 and later; QuTS hero h4.5.4.2626 build 20231225 and later; QuTScloud c5.1.5.2651 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9
security@qnapsecurity.com.tw 4.7 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L 1.2 3.4

Products Affected

Vendor Product Version
qnap quts_hero h4.5.4.1848
qnap quts_hero h5.1.0.2453
qnap qts 4.5.4.2280
qnap qts 5.1.0.2399
qnap qts 4.5.4.2627
qnap quts_hero h4.5.4.1813
qnap quts_hero h4.5.4.1892
qnap quts_hero h4.5.4.2374
qnap quts_hero h4.5.4.1951
qnap quts_hero h4.5.4.1991
qnap quts_hero h4.5.4.1971
qnap qts 5.1.5.2645
qnap quts_hero h4.5.4.2626
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap qts 4.5.4.1787
qnap quts_hero h4.5.4.2217
qnap quts_hero h5.1.3.2578
qnap qts 4.5.4.1741
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 4.5.4.1931
qnap qts 5.1.0.2418
qnap quts_hero h4.5.4.2138
qnap qts 4.5.4.2117
qnap qts 4.5.4.2012
qnap qts 4.5.4.1715
qnap quts_hero h5.1.5.2647
qnap quts_hero h4.5.4.2052
qnap quts_hero h4.5.4.1800
qnap quts_hero h5.1.0.2424
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap qts 4.5.4.1800
qnap qts 4.5.4.1892
qnap quts_hero h4.5.4.2272
qnap qts 4.5.4.1723
qnap qts 4.5.4.2374
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h4.5.4.2476
qnap quts_hero h4.5.4.1771
qnap quts_hero h5.1.2.2534
qnap qutscloud c5.1.0.2498
CVE-2023-47568

A SQL injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later; QTS 4.5.4.2627 build 20231225 and later; QuTS hero h5.1.5.2647 build 20240118 and later; QuTS hero h4.5.4.2626 build 20231225 and later; QuTScloud c5.1.5.2651 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
security@qnapsecurity.com.tw 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap quts_hero h4.5.4.1848
qnap quts_hero h5.1.0.2453
qnap qts 4.5.4.2280
qnap qts 5.1.0.2399
qnap qts 4.5.4.2627
qnap quts_hero h4.5.4.1813
qnap quts_hero h4.5.4.1892
qnap quts_hero h4.5.4.2374
qnap quts_hero h4.5.4.1951
qnap quts_hero h4.5.4.1991
qnap quts_hero h4.5.4.1971
qnap qts 5.1.5.2645
qnap quts_hero h4.5.4.2626
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap qts 4.5.4.1787
qnap quts_hero h4.5.4.2217
qnap quts_hero h5.1.3.2578
qnap qts 4.5.4.1741
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 4.5.4.1931
qnap qts 5.1.0.2418
qnap quts_hero h4.5.4.2138
qnap qts 4.5.4.2117
qnap qts 4.5.4.2012
qnap qts 4.5.4.1715
qnap quts_hero h5.1.5.2647
qnap quts_hero h4.5.4.2052
qnap quts_hero h4.5.4.1800
qnap quts_hero h5.1.0.2424
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap qts 4.5.4.1800
qnap qts 4.5.4.1892
qnap quts_hero h4.5.4.2272
qnap qts 4.5.4.1723
qnap qts 4.5.4.2374
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h4.5.4.2476
qnap quts_hero h4.5.4.1771
qnap quts_hero h5.1.2.2534
qnap qutscloud c5.1.0.2498
CVE-2023-50358

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later; QTS 4.5.4.2627 build 20231225 and later; QTS 4.3.6.2665 build 20240131 and later; QTS 4.3.4.2675 build 20240131 and later; QTS 4.3.3.2644 build 20240131 and later; QTS 4.2.6 build 20240131 and later; QuTS hero h5.1.5.2647 build 20240118 and later; QuTS hero h4.5.4.2626 build 20231225 and later; QuTScloud c5.1.5.2651 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.8 MEDIUM CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L 1.6 3.7

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qutscloud *
qnap qts *
qnap qts 4.5.4.2627
qnap qts 4.2.6
qnap qts 5.1.5.2645
qnap quts_hero h4.5.4.2626
qnap quts_hero h5.1.5.2647
CVE-2023-50359

An unchecked return value vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local authenticated administrators to place the system in a state that could lead to a crash or other unintended behaviors via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later; QuTS hero h5.1.5.2647 build 20240118 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 3.4 LOW CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L 0.8 2.5
nvd@nist.gov 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap qts 5.1.5.2645
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 5.1.0.2418
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap quts_hero h5.1.5.2647
qnap qutscloud c5.1.0.2498
CVE-2023-50361

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later; QuTS hero h5.1.6.2734 build 20240414 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.0 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N 3.1 1.4

Products Affected

Vendor Product Version
qnap qts 5.1.5.2679
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap qts 5.1.5.2645
qnap quts_hero h5.1.5.2680
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 5.1.0.2418
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap quts_hero h5.1.5.2647
CVE-2023-50362

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later; QuTS hero h5.1.6.2734 build 20240414 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.0 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N 3.1 1.4

Products Affected

Vendor Product Version
qnap qts 5.1.5.2679
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap qts 5.1.5.2645
qnap quts_hero h5.1.5.2680
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 5.1.0.2418
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap quts_hero h5.1.5.2647
CVE-2023-50363

An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to bypass intended access restrictions via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 7.4 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L 3.1 3.7

Products Affected

Vendor Product Version
qnap qts 5.1.5.2679
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap qts 5.1.5.2645
qnap quts_hero h5.1.5.2680
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 5.1.0.2418
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap quts_hero h5.1.5.2647
CVE-2023-50364

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L 2.3 2.7

Products Affected

Vendor Product Version
qnap qts 5.1.5.2679
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap qts 5.1.5.2645
qnap quts_hero h5.1.5.2680
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 5.1.0.2418
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.1.2.2534
qnap quts_hero h5.1.5.2647
CVE-2023-51364

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 8.7 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H 2.2 5.8

Products Affected

Vendor Product Version
qnap quts_hero h5.1.3.2578
qnap qts 5.1.4.2596
qnap quts_hero *
qnap qutscloud *
qnap qts *
qnap qts 4.5.4.2627
qnap quts_hero h4.5.4.2626
CVE-2023-51365

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 8.7 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H 2.2 5.8

Products Affected

Vendor Product Version
qnap quts_hero h5.1.3.2578
qnap qts 5.1.4.2596
qnap quts_hero *
qnap qutscloud *
qnap qts *
qnap qts 4.5.4.2627
qnap quts_hero h4.5.4.2626
CVE-2024-12923

A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: Photo Station 6.4.5 ( 2025/01/02 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2024-13086

An exposure of sensitive information vulnerability has been reported to affect product. If exploited, the vulnerability could allow remote attackers to compromise the security of the system. We have already fixed the vulnerability in the following versions: QTS 5.2.0.2851 build 20240808 and later QuTS hero h5.2.0.2851 build 20240808 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6
security@qnapsecurity.com.tw 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qts *
CVE-2024-13087

A command injection vulnerability has been reported to affect QHora. If an attacker who has also gained an administrator account gains local network access, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuRouter 2.4.6.028 and later

Products Affected

Vendor Product Version
qnap qurouter 2.4.2.538
qnap qurouter 2.4.5.032
qnap qurouter 2.4.4.106
qnap qurouter 2.4.6.028
qnap qurouter 2.4.0.190
qnap qurouter 2.4.1.634
qnap qurouter 2.4.1.172
qnap qurouter 2.4.3.103
qnap qurouter 2.4.2.317
CVE-2024-13088

An improper authentication vulnerability has been reported to affect QHora. If an attacker gains local network access, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version: QuRouter 2.5.0.140 and later

Products Affected

Vendor Product Version
qnap qurouter 2.4.2.538
qnap qurouter 2.4.5.032
qnap qurouter 2.4.4.106
qnap qurouter 2.4.6.028
qnap qurouter 2.4.0.190
qnap qurouter 2.4.1.634
qnap qurouter 2.4.1.172
qnap qurouter 2.4.3.103
qnap qurouter 2.4.2.317
CVE-2024-14026

A command injection vulnerability has been reported to affect several QNAP operating system versions. If an attacker who has also gained a user account gains local network access, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.1.9.2954 build 20241120 and later QTS 5.2.3.3006 build 20250108 and later QuTS hero h5.1.9.2954 build 20241120 and later QuTS hero h5.2.3.3006 build 20250108 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.7.2770
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap qts 5.1.5.2645
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap quts_hero h5.1.7.2788
qnap quts_hero h5.1.7.2794
qnap qts 5.2.0.2851
qnap quts_hero h5.1.5.2647
qnap qts 5.1.0.2444
qnap qts 5.2.0.2744
qnap qts 5.1.2.2533
qnap quts_hero h5.2.0.2823
qnap qts 5.1.0.2348
qnap quts_hero h5.1.6.2734
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap qts 5.1.5.2679
qnap quts_hero h5.2.0.2737
qnap qts 5.1.8.2823
qnap qts 5.2.0.2802
qnap quts_hero h5.2.1.2929
qnap qts 5.1.6.2722
qnap quts_hero h5.2.1.2940
qnap qts 5.2.2.2950
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.4.2596
qnap qts 5.1.0.2418
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.1.1.2491
qnap quts_hero h5.1.8.2823
qnap quts_hero h5.1.0.2466
qnap quts_hero h5.1.5.2680
qnap quts_hero h5.1.7.2770
qnap quts_hero h5.1.4.2596
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.1.2.2534
CVE-2024-21899

An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.1.3.2578
qnap quts_hero *
qnap qutscloud *
qnap qts *
qnap qts 4.5.4.2627
qnap quts_hero h4.5.4.2626
qnap qts 5.1.3.2578
CVE-2024-21900

An injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 2.8 1.4

Products Affected

Vendor Product Version
qnap quts_hero h5.1.3.2578
qnap quts_hero *
qnap qutscloud *
qnap qts *
qnap qts 5.1.3.2578
CVE-2024-21901

A SQL injection vulnerability has been reported to affect myQNAPcloud. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions: myQNAPcloud 1.0.52 ( 2023/11/24 ) and later QTS 4.5.4.2627 build 20231225 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 4.7 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L 1.2 3.4

Products Affected

Vendor Product Version
qnap myqnapcloud *
qnap qts *
qnap qts 4.5.4.2627
CVE-2024-21902

An incorrect permission assignment for critical resource vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.7.2770 build 20240520 and later QuTS hero h5.1.7.2770 build 20240520 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 6.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N 3.1 2.7

Products Affected

Vendor Product Version
qnap qts 5.1.5.2679
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap qts 5.1.6.2722
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap qts 5.1.5.2645
qnap quts_hero h5.1.5.2680
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 5.1.0.2418
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.1.6.2734
qnap quts_hero h5.1.2.2534
qnap quts_hero h5.1.5.2647
CVE-2024-21905

An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 3.9 2.5

Products Affected

Vendor Product Version
qnap quts_hero h5.1.3.2578
qnap quts_hero *
qnap qutscloud *
qnap qts *
qnap qts 5.1.3.2578
CVE-2024-27122

A cross-site scripting (XSS) vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: Notes Station 3 3.9.6 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 6.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N 2.1 4.2

Products Affected

Vendor Product Version
qnap notes_station_3 *
CVE-2024-27124

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 7.5 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H 1.6 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.1.3.2578
qnap quts_hero *
qnap qutscloud *
qnap qts *
qnap qts 4.5.4.2627
qnap quts_hero h4.5.4.2626
qnap qts 5.1.3.2578
CVE-2024-27126

A cross-site scripting (XSS) vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: Notes Station 3 3.9.6 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 6.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N 2.1 4.2

Products Affected

Vendor Product Version
qnap notes_station_3 *
CVE-2024-27127

A double free vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute arbitrary code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.7.2770 build 20240520 and later QuTS hero h5.1.7.2770 build 20240520 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L 3.9 2.7

Products Affected

Vendor Product Version
qnap qts 5.1.5.2679
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap qts 5.1.6.2722
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap qts 5.1.5.2645
qnap quts_hero h5.1.5.2680
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 5.1.0.2418
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.1.6.2734
qnap quts_hero h5.1.2.2534
qnap quts_hero h5.1.5.2647
CVE-2024-27128

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.7.2770 build 20240520 and later QuTS hero h5.1.7.2770 build 20240520 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 6.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L 3.1 2.7

Products Affected

Vendor Product Version
qnap qts 5.1.5.2679
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap qts 5.1.6.2722
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap qts 5.1.5.2645
qnap quts_hero h5.1.5.2680
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 5.1.0.2418
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.1.6.2734
qnap quts_hero h5.1.2.2534
qnap quts_hero h5.1.5.2647
CVE-2024-27129

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.7.2770 build 20240520 and later QuTS hero h5.1.7.2770 build 20240520 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 6.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L 3.1 2.7

Products Affected

Vendor Product Version
qnap qts 5.1.5.2679
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap qts 5.1.6.2722
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap qts 5.1.5.2645
qnap quts_hero h5.1.5.2680
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 5.1.0.2418
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.1.6.2734
qnap quts_hero h5.1.2.2534
qnap quts_hero h5.1.5.2647
CVE-2024-27130

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.7.2770 build 20240520 and later QuTS hero h5.1.7.2770 build 20240520 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L 3.9 2.7

Products Affected

Vendor Product Version
qnap qts 5.1.5.2679
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap qts 5.1.6.2722
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap qts 5.1.5.2645
qnap quts_hero h5.1.5.2680
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap qts 5.1.0.2418
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.1.6.2734
qnap quts_hero h5.1.2.2534
qnap quts_hero h5.1.5.2647
CVE-2024-32764

A missing authentication for critical function vulnerability has been reported to affect myQNAPcloud Link. If exploited, the vulnerability could allow users with the privilege level of some functionality via a network. We have already fixed the vulnerability in the following version: myQNAPcloud Link 2.4.51 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 9.9 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L 3.9 5.3

Products Affected

Vendor Product Version
qnap myqnapcloud_link *
CVE-2024-32765

A vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow local authenticated administrators to gain access to and execute certain functions via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.1.8.2823 build 20240712 and later QuTS hero h5.1.8.2823 build 20240712 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 4.2 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L 0.8 3.4

Products Affected

Vendor Product Version
qnap quts_hero *
qnap qts *
CVE-2024-32766

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 10.0 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 3.9 6.0

Products Affected

Vendor Product Version
qnap quts_hero h5.1.3.2578
qnap quts_hero *
qnap qutscloud *
qnap qts *
qnap qts 4.5.4.2627
qnap quts_hero h4.5.4.2626
qnap qts 5.1.3.2578
CVE-2024-32767

A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow remote attackers who have gained user access to inject malicious code. We have already fixed the vulnerability in the following version: Photo Station 6.4.3 ( 2024/07/12 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 6.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N 2.1 4.2

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2024-32768

A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow remote attackers who have gained user access to inject malicious code. We have already fixed the vulnerability in the following version: Photo Station 6.4.3 ( 2024/07/12 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 6.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N 2.1 4.2

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2024-32769

A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow remote attackers who have gained user access to inject malicious code. We have already fixed the vulnerability in the following version: Photo Station 6.4.3 ( 2024/07/12 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 6.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N 2.1 4.2

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2024-32770

A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow remote attackers who have gained user access to inject malicious code. We have already fixed the vulnerability in the following version: Photo Station 6.4.3 ( 2024/07/12 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
security@qnapsecurity.com.tw 6.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N 2.1 4.2

Products Affected

Vendor Product Version
qnap photo_station *
CVE-2024-37041

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later QuTS hero h5.2.1.2929 build 20241025 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap qts 5.2.0.2744
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.0.2823
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-37042

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later QuTS hero h5.2.1.2929 build 20241025 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap qts 5.2.0.2744
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.0.2823
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-37043

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to read the contents of unexpected files and expose sensitive data. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later QuTS hero h5.2.1.2929 build 20241025 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap qts 5.2.0.2744
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.0.2823
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-37044

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later QuTS hero h5.2.1.2929 build 20241025 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap qts 5.2.0.2744
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.0.2823
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-37045

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later QuTS hero h5.2.1.2929 build 20241025 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap qts 5.2.0.2744
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.0.2823
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-37046

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to read the contents of unexpected files and expose sensitive data. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later QuTS hero h5.2.1.2929 build 20241025 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap qts 5.2.0.2744
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.0.2823
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-37047

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later QuTS hero h5.2.1.2929 build 20241025 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap qts 5.2.0.2744
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.0.2823
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-37048

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later QuTS hero h5.2.1.2929 build 20241025 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap qts 5.2.0.2744
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.0.2823
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-37049

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later QuTS hero h5.2.1.2929 build 20241025 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap qts 5.2.0.2744
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.0.2823
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-37050

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later QuTS hero h5.2.1.2929 build 20241025 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap qts 5.2.0.2744
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.0.2823
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-38638

An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. QTS 5.2.x/QuTS hero h5.2.x are not affected. We have already fixed the vulnerability in the following versions: QTS 5.1.9.2954 build 20241120 and later QuTS hero h5.1.9.2954 build 20241120 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap qts 5.1.5.2679
qnap qts 5.1.8.2823
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.7.2770
qnap qts 5.1.6.2722
qnap qts 5.1.5.2645
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap quts_hero h5.1.7.2788
qnap qts 5.1.0.2418
qnap quts_hero h5.1.7.2794
qnap quts_hero h5.1.5.2647
qnap quts_hero h5.1.0.2424
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.8.2823
qnap quts_hero h5.1.0.2466
qnap qts 5.1.2.2533
qnap quts_hero h5.1.5.2680
qnap quts_hero h5.1.7.2770
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.1.6.2734
qnap quts_hero h5.1.2.2534
CVE-2024-38643

A missing authentication for critical function vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow remote attackers to gain access to and execute certain functions. We have already fixed the vulnerability in the following version: Notes Station 3 3.9.7 and later

Products Affected

Vendor Product Version
qnap notes_station_3 *
CVE-2024-38644

An OS command injection vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow remote authenticated attackers to execute commands. We have already fixed the vulnerability in the following version: Notes Station 3 3.9.7 and later

Products Affected

Vendor Product Version
qnap notes_station_3 *
CVE-2024-38645

A server-side request forgery (SSRF) vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow remote authenticated attackers to read application data. We have already fixed the vulnerability in the following version: Notes Station 3 3.9.7 and later

Products Affected

Vendor Product Version
qnap notes_station_3 *
CVE-2024-38646

An incorrect permission assignment for critical resource vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow local authenticated attackers who have gained administrator access to read or modify the resource. We have already fixed the vulnerability in the following version: Notes Station 3 3.9.7 and later

Products Affected

Vendor Product Version
qnap notes_station_3 *
CVE-2024-38647

An exposure of sensitive information vulnerability has been reported to affect QNAP AI Core. If exploited, the vulnerability could allow remote attackers to compromise the security of the system. We have already fixed the vulnerability in the following version: QNAP AI Core 3.4.1 and later

Products Affected

Vendor Product Version
qnap ai_core 3.4.0
CVE-2024-48859

An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to compromise the security of the system. We have already fixed the vulnerability in the following versions: QTS 5.1.9.2954 build 20241120 and later; QTS 5.2.2.2950 build 20241114 and later; QuTS hero h5.1.9.2954 build 20241120 and later; QuTS hero h5.2.2.2952 build 20241116 and later

Products Affected

Vendor Product Version
qnap qts 5.1.5.2679
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.1.8.2823
qnap quts_hero h5.1.0.2453
qnap qts 5.2.0.2802
qnap qts 5.1.0.2399
qnap qts 5.1.7.2770
qnap quts_hero h5.2.1.2929
qnap qts 5.1.6.2722
qnap quts_hero h5.2.1.2940
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap qts 5.1.5.2645
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap quts_hero h5.1.7.2788
qnap qts 5.1.0.2418
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap quts_hero h5.1.7.2794
qnap qts 5.2.0.2851
qnap quts_hero h5.1.5.2647
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.2.0.2851
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.8.2823
qnap quts_hero h5.1.0.2466
qnap qts 5.2.0.2744
qnap qts 5.1.2.2533
qnap quts_hero h5.1.5.2680
qnap quts_hero h5.1.7.2770
qnap quts_hero h5.2.0.2823
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.1.6.2734
qnap quts_hero h5.1.2.2534
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-48860

An OS command injection vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow remote attackers to execute commands. We have already fixed the vulnerability in the following version: QuRouter 2.4.3.103 and later

Products Affected

Vendor Product Version
qnap qurouter 2.4.2.538
qnap qurouter 2.4.0.190
qnap qurouter 2.4.1.634
qnap qurouter 2.4.1.172
qnap qurouter 2.4.2.317
CVE-2024-48861

An OS command injection vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow local network attackers to execute commands. We have already fixed the vulnerability in the following version: QuRouter 2.4.4.106 and later

Products Affected

Vendor Product Version
qnap qurouter 2.4.2.538
qnap qurouter 2.4.0.190
qnap qurouter 2.4.1.634
qnap qurouter 2.4.1.172
qnap qurouter 2.4.3.103
qnap qurouter 2.4.2.317
CVE-2024-48862

A link following vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow remote attackers to traverse the file system to unintended locations and read or overwrite the contents of unexpected files. We have already fixed the vulnerability in the following versions: QuLog Center 1.7.0.831 (2024/10/15) and later; QuLog Center 1.8.0.888 (2024/10/15) and later

Products Affected

Vendor Product Version
qnap qulog_center *
CVE-2024-48863

A command injection vulnerability has been reported to affect License Center. If exploited, the vulnerability could allow remote attackers to execute arbitrary commands. We have already fixed the vulnerability in the following version: License Center 1.9.43 and later

Products Affected

Vendor Product Version
qnap license_center *
CVE-2024-48864

A files or directories accessible to external parties vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers to read/write files or directories. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4741 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 3.9 5.2

Products Affected

Vendor Product Version
qnap file_station *
CVE-2024-48865

An improper certificate validation vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow attackers with local network access to compromise the security of the system. We have already fixed the vulnerability in the following versions: QTS 5.1.9.2954 build 20241120 and later; QTS 5.2.2.2950 build 20241114 and later; QuTS hero h5.1.9.2954 build 20241120 and later; QuTS hero h5.2.2.2952 build 20241116 and later

Products Affected

Vendor Product Version
qnap qts 5.1.5.2679
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.1.8.2823
qnap quts_hero h5.1.0.2453
qnap qts 5.2.0.2802
qnap qts 5.1.0.2399
qnap qts 5.1.7.2770
qnap quts_hero h5.2.1.2929
qnap qts 5.1.6.2722
qnap quts_hero h5.2.1.2940
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap qts 5.1.5.2645
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap quts_hero h5.1.7.2788
qnap qts 5.1.0.2418
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap quts_hero h5.1.7.2794
qnap qts 5.2.0.2851
qnap quts_hero h5.1.5.2647
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.2.0.2851
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.8.2823
qnap quts_hero h5.1.0.2466
qnap qts 5.2.0.2744
qnap qts 5.1.2.2533
qnap quts_hero h5.1.5.2680
qnap quts_hero h5.1.7.2770
qnap quts_hero h5.2.0.2823
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.1.6.2734
qnap quts_hero h5.1.2.2534
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-48866

An improper handling of URL encoding (Hex Encoding) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to put the system into an unexpected state. We have already fixed the vulnerability in the following versions: QTS 5.1.9.2954 build 20241120 and later; QTS 5.2.2.2950 build 20241114 and later; QuTS hero h5.1.9.2954 build 20241120 and later; QuTS hero h5.2.2.2952 build 20241116 and later

Products Affected

Vendor Product Version
qnap qts 5.1.5.2679
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.1.8.2823
qnap quts_hero h5.1.0.2453
qnap qts 5.2.0.2802
qnap qts 5.1.0.2399
qnap qts 5.1.7.2770
qnap quts_hero h5.2.1.2929
qnap qts 5.1.6.2722
qnap quts_hero h5.2.1.2940
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap qts 5.1.5.2645
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap quts_hero h5.1.7.2788
qnap qts 5.1.0.2418
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap quts_hero h5.1.7.2794
qnap qts 5.2.0.2851
qnap quts_hero h5.1.5.2647
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.2.0.2851
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.8.2823
qnap quts_hero h5.1.0.2466
qnap qts 5.2.0.2744
qnap qts 5.1.2.2533
qnap quts_hero h5.1.5.2680
qnap quts_hero h5.1.7.2770
qnap quts_hero h5.2.0.2823
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.1.6.2734
qnap quts_hero h5.1.2.2534
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-48867

An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to modify application data. We have already fixed the vulnerability in the following versions: QTS 5.1.9.2954 build 20241120 and later; QTS 5.2.2.2950 build 20241114 and later; QuTS hero h5.1.9.2954 build 20241120 and later; QuTS hero h5.2.2.2952 build 20241116 and later

Products Affected

Vendor Product Version
qnap qts 5.1.5.2679
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.1.8.2823
qnap quts_hero h5.1.0.2453
qnap qts 5.2.0.2802
qnap qts 5.1.0.2399
qnap qts 5.1.7.2770
qnap quts_hero h5.2.1.2929
qnap qts 5.1.6.2722
qnap quts_hero h5.2.1.2940
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap qts 5.1.5.2645
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap quts_hero h5.1.7.2788
qnap qts 5.1.0.2418
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap quts_hero h5.1.7.2794
qnap qts 5.2.0.2851
qnap quts_hero h5.1.5.2647
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.2.0.2851
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.8.2823
qnap quts_hero h5.1.0.2466
qnap qts 5.2.0.2744
qnap qts 5.1.2.2533
qnap quts_hero h5.1.5.2680
qnap quts_hero h5.1.7.2770
qnap quts_hero h5.2.0.2823
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.1.6.2734
qnap quts_hero h5.1.2.2534
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-48868

An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to modify application data. We have already fixed the vulnerability in the following versions: QTS 5.1.9.2954 build 20241120 and later; QTS 5.2.2.2950 build 20241114 and later; QuTS hero h5.1.9.2954 build 20241120 and later; QuTS hero h5.2.2.2952 build 20241116 and later

Products Affected

Vendor Product Version
qnap qts 5.1.5.2679
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.1.8.2823
qnap quts_hero h5.1.0.2453
qnap qts 5.2.0.2802
qnap qts 5.1.0.2399
qnap qts 5.1.7.2770
qnap quts_hero h5.2.1.2929
qnap qts 5.1.6.2722
qnap quts_hero h5.2.1.2940
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap qts 5.1.5.2645
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap quts_hero h5.1.7.2788
qnap qts 5.1.0.2418
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap quts_hero h5.1.7.2794
qnap qts 5.2.0.2851
qnap quts_hero h5.1.5.2647
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.2.0.2851
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.8.2823
qnap quts_hero h5.1.0.2466
qnap qts 5.2.0.2744
qnap qts 5.1.2.2533
qnap quts_hero h5.1.5.2680
qnap quts_hero h5.1.7.2770
qnap quts_hero h5.2.0.2823
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.1.6.2734
qnap quts_hero h5.1.2.2534
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-50387

A SQL injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to inject malicious code. We have already fixed the vulnerability in the following versions: SMB Service 4.15.002 and later; SMB Service h4.15.002 and later

Products Affected

Vendor Product Version
qnap smb_service h4.15.001
qnap smb_service 4.15.001
CVE-2024-50388

An OS command injection vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to execute commands. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.1.673 and later

Products Affected

Vendor Product Version
qnap hybrid_backup_sync 25.1.0.627
CVE-2024-50389

A SQL injection vulnerability has been reported to affect QuRouter. If exploited, the vulnerability could allow remote attackers to inject malicious code. We have already fixed the vulnerability in the following version: QuRouter 2.4.5.032 and later

Products Affected

Vendor Product Version
qnap qurouter 2.4.2.538
qnap qurouter 2.4.4.106
qnap qurouter 2.4.0.190
qnap qurouter 2.4.1.634
qnap qurouter 2.4.1.172
qnap qurouter 2.4.3.103
qnap qurouter 2.4.2.317
CVE-2024-50390

A command injection vulnerability has been reported to affect QHora. If exploited, the vulnerability could allow remote attackers to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuRouter 2.4.5.032 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
qnap qurouter 2.4.2.538
qnap qurouter 2.4.4.106
qnap qurouter 2.4.0.190
qnap qurouter 2.4.1.634
qnap qurouter 2.4.1.172
qnap qurouter 2.4.3.103
qnap qurouter 2.4.2.317
CVE-2024-50393

A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.1.9.2954 build 20241120 and later; QTS 5.2.2.2950 build 20241114 and later; QuTS hero h5.1.9.2954 build 20241120 and later; QuTS hero h5.2.2.2952 build 20241116 and later

Products Affected

Vendor Product Version
qnap qts 5.1.5.2679
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.1.8.2823
qnap quts_hero h5.1.0.2453
qnap qts 5.2.0.2802
qnap qts 5.1.0.2399
qnap qts 5.1.7.2770
qnap quts_hero h5.2.1.2929
qnap qts 5.1.6.2722
qnap quts_hero h5.2.1.2940
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap qts 5.1.5.2645
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap quts_hero h5.1.7.2788
qnap qts 5.1.0.2418
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap quts_hero h5.1.7.2794
qnap qts 5.2.0.2851
qnap quts_hero h5.1.5.2647
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.2.0.2851
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.8.2823
qnap quts_hero h5.1.0.2466
qnap qts 5.2.0.2744
qnap qts 5.1.2.2533
qnap quts_hero h5.1.5.2680
qnap quts_hero h5.1.7.2770
qnap quts_hero h5.2.0.2823
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.1.6.2734
qnap quts_hero h5.1.2.2534
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-50394

An improper certificate validation vulnerability has been reported to affect Helpdesk. If exploited, the vulnerability could allow remote attackers to compromise the security of the system. We have already fixed the vulnerability in the following version: Helpdesk 3.3.3 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap helpdesk *
CVE-2024-50395

An authorization bypass through user-controlled key vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow local network attackers to gain privileges. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.6 (2024/08/02) and later

Products Affected

Vendor Product Version
qnap media_streaming_add-on *
CVE-2024-50396

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later; QuTS hero h5.2.1.2929 build 20241025 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap qts 5.2.0.2744
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.0.2823
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-50397

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later; QuTS hero h5.2.1.2929 build 20241025 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap qts 5.2.0.2744
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.0.2823
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-50398

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later; QuTS hero h5.2.1.2929 build 20241025 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap qts 5.2.0.2744
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.0.2823
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-50399

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later; QuTS hero h5.2.1.2929 build 20241025 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap qts 5.2.0.2744
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.0.2823
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-50400

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later; QuTS hero h5.2.1.2929 build 20241025 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap qts 5.2.0.2744
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.0.2823
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-50401

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later; QuTS hero h5.2.1.2929 build 20241025 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap qts 5.2.0.2744
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.0.2823
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-50402

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QTS 5.1.9.2954 build 20241120 and later; QTS 5.2.2.2950 build 20241114 and later; QuTS hero h5.1.9.2954 build 20241120 and later; QuTS hero h5.2.2.2952 build 20241116 and later

Products Affected

Vendor Product Version
qnap qts 5.1.5.2679
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.1.8.2823
qnap quts_hero h5.1.0.2453
qnap qts 5.2.0.2802
qnap qts 5.1.0.2399
qnap qts 5.1.7.2770
qnap quts_hero h5.2.1.2929
qnap qts 5.1.6.2722
qnap quts_hero h5.2.1.2940
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap qts 5.1.5.2645
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap quts_hero h5.1.7.2788
qnap qts 5.1.0.2418
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap quts_hero h5.1.7.2794
qnap qts 5.2.0.2851
qnap quts_hero h5.1.5.2647
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.2.0.2851
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.8.2823
qnap quts_hero h5.1.0.2466
qnap qts 5.2.0.2744
qnap qts 5.1.2.2533
qnap quts_hero h5.1.5.2680
qnap quts_hero h5.1.7.2770
qnap quts_hero h5.2.0.2823
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.1.6.2734
qnap quts_hero h5.1.2.2534
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-50403

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QTS 5.2.2.2950 build 20241114 and later; QuTS hero h5.2.2.2952 build 20241116 and later

Products Affected

Vendor Product Version
qnap qts 5.1.5.2679
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.1.8.2823
qnap quts_hero h5.1.0.2453
qnap qts 5.2.0.2802
qnap qts 5.1.0.2399
qnap qts 5.1.7.2770
qnap quts_hero h5.2.1.2929
qnap qts 5.1.6.2722
qnap quts_hero h5.2.1.2940
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap qts 5.1.5.2645
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap quts_hero h5.1.7.2788
qnap qts 5.1.0.2418
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap quts_hero h5.1.7.2794
qnap qts 5.2.0.2851
qnap quts_hero h5.1.5.2647
qnap quts_hero h5.1.0.2424
qnap quts_hero h5.2.0.2851
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.8.2823
qnap quts_hero h5.1.0.2466
qnap qts 5.2.0.2744
qnap qts 5.1.2.2533
qnap quts_hero h5.1.5.2680
qnap quts_hero h5.1.7.2770
qnap quts_hero h5.2.0.2823
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.1.6.2734
qnap quts_hero h5.1.2.2534
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-50404

A link following vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations. We have already fixed the vulnerability in the following version: Qsync Central 4.4.0.16_20240819 (2024/08/19) and later

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2024-50405

An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify application data. We have already fixed the vulnerability in the following versions: QTS 5.2.3.3006 build 20250108 and later; QuTS hero h5.2.3.3006 build 20250108 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:L 2.3 2.7

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.2.1.2929
qnap qts 5.2.0.2744
qnap quts_hero h5.2.1.2940
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap qts 5.2.2.2950
qnap quts_hero h5.2.0.2823
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-50406

A cross-site scripting (XSS) vulnerability has been reported to affect License Center. If exploited, the vulnerability could allow remote attackers who have gained user access to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: License Center 1.9.49 and later

Products Affected

Vendor Product Version
qnap license_center *
CVE-2024-53691

A link following vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations. We have already fixed the vulnerability in the following versions: QTS 5.1.8.2823 build 20240712 and later; QTS 5.2.0.2802 build 20240620 and later; QuTS hero h5.1.8.2823 build 20240712 and later; QuTS hero h5.2.0.2802 build 20240620 and later

Products Affected

Vendor Product Version
qnap qts 5.1.5.2679
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.1.0.2453
qnap qts 5.1.0.2399
qnap qts 5.1.7.2770
qnap qts 5.1.6.2722
qnap qts 5.2.0.2782
qnap qts 5.1.5.2645
qnap quts_hero h5.1.0.2409
qnap qts 5.1.3.2578
qnap quts_hero h5.1.3.2578
qnap qts 5.1.0.2466
qnap quts_hero h5.1.1.2488
qnap qts 5.1.4.2596
qnap quts_hero h5.1.7.2788
qnap qts 5.1.0.2418
qnap qts 5.2.0.2737
qnap quts_hero h5.1.7.2794
qnap quts_hero h5.1.5.2647
qnap quts_hero h5.1.0.2424
qnap qts 5.1.0.2444
qnap qts 5.1.1.2491
qnap quts_hero h5.1.0.2466
qnap qts 5.2.0.2744
qnap qts 5.1.2.2533
qnap quts_hero h5.1.5.2680
qnap quts_hero h5.1.7.2770
qnap quts_hero h5.1.4.2596
qnap qts 5.1.0.2348
qnap quts_hero h5.1.6.2734
qnap quts_hero h5.1.2.2534
qnap quts_hero h5.2.0.2782
CVE-2024-53692

A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.2.3.3006 build 20250108 and later; QuTS hero h5.2.3.3006 build 20250108 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 4.7 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L 1.2 3.4

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.2.1.2929
qnap qts 5.2.0.2744
qnap quts_hero h5.2.1.2940
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap qts 5.2.2.2950
qnap quts_hero h5.2.0.2823
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-53693

An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to modify application data. We have already fixed the vulnerability in the following versions: QTS 5.2.3.3006 build 20250108 and later; QuTS hero h5.2.3.3006 build 20250108 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H 2.8 4.2

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.2.1.2929
qnap qts 5.2.0.2744
qnap quts_hero h5.2.1.2940
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap qts 5.2.2.2950
qnap quts_hero h5.2.0.2823
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-53695

A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to modify memory or crash processes. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.4.952 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.1 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H 3.9 5.2

Products Affected

Vendor Product Version
qnap hybrid_backup_sync *
CVE-2024-53696

A server-side request forgery (SSRF) vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow remote attackers who have gained administrator access to read application data. We have already fixed the vulnerability in the following versions: QuLog Center 1.7.0.829 (2024/10/01) and later; QuLog Center 1.8.0.888 (2024/10/15) and later; QTS 4.5.4.2957 build 20241119 and later; QuTS hero h4.5.4.2956 build 20241119 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 1.2 3.6

Products Affected

Vendor Product Version
qnap qulog_center *
qnap quts_hero *
qnap qts *
CVE-2024-53697

An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. We have already fixed the vulnerability in the following versions: QTS 5.2.3.3006 build 20250108 and later; QuTS hero h5.2.3.3006 build 20250108 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.2.1.2929
qnap qts 5.2.0.2744
qnap quts_hero h5.2.1.2940
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap qts 5.2.2.2950
qnap quts_hero h5.2.0.2823
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-53698

A double free vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify memory. We have already fixed the vulnerability in the following versions: QTS 5.2.3.3006 build 20250108 and later QuTS hero h5.2.3.3006 build 20250108 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.2.1.2929
qnap qts 5.2.0.2744
qnap quts_hero h5.2.1.2940
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap qts 5.2.2.2950
qnap quts_hero h5.2.0.2823
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-53699

An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to modify or corrupt memory. We have already fixed the vulnerability in the following versions: QTS 5.2.3.3006 build 20250108 and later QuTS hero h5.2.3.3006 build 20250108 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.0.2802
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.2.1.2929
qnap qts 5.2.0.2744
qnap quts_hero h5.2.1.2940
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap qts 5.2.2.2950
qnap quts_hero h5.2.0.2823
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-53700

A command injection vulnerability has been reported to affect QHora. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuRouter 2.4.6.028 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap qurouter 2.4.2.538
qnap qurouter 2.4.5.032
qnap qurouter 2.4.4.106
qnap qurouter 2.4.0.190
qnap qurouter 2.4.1.634
qnap qurouter 2.4.1.172
qnap qurouter 2.4.3.103
qnap qurouter 2.4.2.317
CVE-2024-56804

An SQL injection vulnerability has been reported to affect Video Station. If a remote attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: Video Station 5.8.4 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap video_station *
CVE-2024-56805

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.4.3079 build 20250321 and later QuTS hero h5.2.4.3079 build 20250321 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.4.3070
qnap qts 5.2.0.2802
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap qts 5.2.0.2744
qnap quts_hero h5.2.1.2940
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.0.2823
qnap qts 5.2.1.2930
qnap qts 5.2.3.3006
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2024-56807

An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.6 ( 2024/08/02 ) and later

Products Affected

Vendor Product Version
qnap media_streaming_add-on *
CVE-2024-56808

A command injection vulnerability has been reported to affect Media Streaming add-on. If an attacker who has also gained a user account gains local network access, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.6 ( 2024/08/02 ) and later

Products Affected

Vendor Product Version
qnap media_streaming_add-on *
CVE-2025-11837

An improper control of generation of code vulnerability has been reported to affect Malware Remover. The remote attackers can then exploit the vulnerability to bypass protection mechanism. We have already fixed the vulnerability in the following version: Malware Remover 6.6.8.20251023 and later

Products Affected

Vendor Product Version
qnap malware_remover *
CVE-2025-22481

A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.2.4.3079 build 20250321 and later QuTS hero h5.2.4.3079 build 20250321 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap quts_hero h5.2.0.2851
qnap qts 5.2.4.3070
qnap qts 5.2.0.2802
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap qts 5.2.0.2744
qnap quts_hero h5.2.1.2940
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.0.2823
qnap qts 5.2.1.2930
qnap qts 5.2.3.3006
qnap qts 5.2.0.2737
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2851
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
CVE-2025-22482

A use of externally-controlled format string vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.6 ( 2025/03/20 ) and later

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-22483

A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following versions: License Center 1.8.51 and later License Center 1.9.51 and later

Products Affected

Vendor Product Version
qnap license_center *
CVE-2025-22486

An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers who have gained user access to compromise the security of the system. We have already fixed the vulnerability in the following versions: File Station 5 5.5.6.4791 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-22490

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4847 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-29871

An out-of-bounds read vulnerability has been reported to affect File Station 5. If a local attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4847 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 1.8 3.6

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-29872

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4847 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-29873

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4847 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-29874

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4907 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-29875

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4907 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-29876

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4847 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-29877

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4847 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-29878

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4907 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-29879

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4907 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-29882

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-29883

An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers who have gained user access to compromise the security of the system. We have already fixed the vulnerability in the following versions: File Station 5 5.5.6.4791 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-29884

An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers who have gained user access to compromise the security of the system. We have already fixed the vulnerability in the following versions: File Station 5 5.5.6.4791 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-29885

An improper certificate validation vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers who have gained user access to compromise the security of the system. We have already fixed the vulnerability in the following versions: File Station 5 5.5.6.4791 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-29886

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4907 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-29887

A command injection vulnerability has been reported to affect QuRouter 2.5.1. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuRouter 2.5.1.060 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap qurouter 2.5.0.140
qnap qurouter 2.5.0.268
CVE-2025-29888

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4907 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-29889

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4907 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-29890

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4907 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-29892

An SQL injection vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow remote attackers who have gained user access to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.6 ( 2025/03/20 ) and later

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-29893

An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-29894

An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-29898

An uncontrolled resource consumption vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-29899

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4907 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-29900

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4907 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-29901

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4933 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-30260

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-30261

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.0 ( 2025/06/13 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central 5.0.0.0
CVE-2025-30262

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.0 ( 2025/06/13 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central 5.0.0.0
CVE-2025-30263

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.0 ( 2025/06/13 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central 5.0.0.0
CVE-2025-30264

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-30265

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-30266

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-30267

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-30268

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-30269

A use of externally-controlled format string vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N 2.8 5.2

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-30270

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later QuTS hero h5.2.5.3138 build 20250519 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-30271

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later; QuTS hero h5.2.5.3138 build 20250519 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-30272

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later; QuTS hero h5.2.5.3138 build 20250519 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-30273

An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later; QuTS hero h5.2.5.3138 build 20250519 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 2.8 5.2

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-30274

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.5.3145 build 20250526 and later; QuTS hero h5.2.5.3138 build 20250519 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-30275

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-30276

An out-of-bounds write vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-30277

An improper certificate validation vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-30278

An improper certificate validation vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-30279

An improper certificate validation vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4847 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-33031

An improper certificate validation vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4847 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-33032

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: QTS 5.2.5.3145 build 20250526 and later; QuTS hero h5.2.5.3138 build 20250519 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-33033

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-33034

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1 ( 2025/07/09 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-33035

A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4847 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-33036

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-33037

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-33038

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 4.5.0.7 ( 2025/04/23 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-33039

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1 ( 2025/07/09 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-33040

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1 ( 2025/07/09 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-44006

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1 ( 2025/07/09 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-44007

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1 ( 2025/07/09 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-44008

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1 ( 2025/07/09 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-44009

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1 ( 2025/07/09 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-44010

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1 ( 2025/07/09 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-44011

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1 ( 2025/07/09 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-44012

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.2 ( 2025/07/31 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-44013

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later; QuTS hero h5.2.6.3195 build 20250715 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-44014

An out-of-bounds write vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1 ( 2025/07/09 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-44015

A command injection vulnerability has been reported to affect HybridDesk Station. If an attacker gains local network access, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: HybridDesk Station 4.2.18 and later

Products Affected

Vendor Product Version
qnap hybriddesk_station *
CVE-2025-47206

An out-of-bounds write vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.4933 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 2.8 5.2

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-47207

A NULL pointer dereference vulnerability has been reported to affect several product versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-47208

An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later; QuTS hero h5.2.6.3195 build 20250715 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-47209

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-47210

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.2 ( 2025/07/31 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-47211

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later; QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-47212

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later; QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-47213

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later; QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-47214

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-48721

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: QTS 5.2.8.3332 build 20251128 and later

Products Affected

Vendor Product Version
qnap qts 5.2.7.3297
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.7.3256
qnap quts_hero h5.2.7.3297
qnap qts 5.2.0.2851
qnap quts_hero h5.2.7.3256
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-48722

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-48723

A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 2.8 5.2

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-48724

A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 2.8 5.2

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-48725

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: QuTS hero h5.3.2.3354 build 20251225 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 2.8 5.2

Products Affected

Vendor Product Version
qnap qts 5.2.7.3297
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.7.3256
qnap quts_hero h5.2.7.3297
qnap qts 5.2.0.2851
qnap quts_hero h5.2.7.3256
qnap quts_hero h5.2.0.2851
qnap qts 5.2.8.3332
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap quts_hero h5.2.8.3321
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-48726

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-48727

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-48728

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-48729

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-48730

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N 1.2 5.2

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-52424

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-52425

An SQL injection vulnerability has been reported to affect QuMagie. A remote attacker can exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: QuMagie 2.7.0 and later

Products Affected

Vendor Product Version
qnap qumagie *
CVE-2025-52426

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-52427

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-52428

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-52429

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N 1.2 5.2

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-52430

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-52431

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.1.3250 build 20250912 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-52432

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later QuTS hero h5.3.0.3192 build 20250716 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-52433

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-52853

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-52854

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-52855

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-52856

An improper authentication vulnerability has been reported to affect VioStor. If a remote attacker, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version: VioStor 5.1.6 build 20250621 and later

Products Affected

Vendor Product Version
qnap qvr *
qnap qvr 5.1.6
CVE-2025-52857

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-52858

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-52859

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-52860

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-52862

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-52863

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.0.3192 build 20250716 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-52864

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later QuTS hero h5.2.7.3256 build 20250913 and later QuTS hero h5.3.0.3192 build 20250716 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-52865

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-52866

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H 1.2 3.6

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-52867

An uncontrolled resource consumption vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.2 ( 2025/07/31 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-52868

A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 2.8 5.2

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-52871

An out-of-bounds read vulnerability has been reported to affect License Center. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: License Center 2.0.36 and later

Products Affected

Vendor Product Version
qnap license_center *
CVE-2025-52872

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later; QuTS hero h5.2.7.3256 build 20250913 and later; QuTS hero h5.3.0.3192 build 20250716 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-53405

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later; QuTS hero h5.2.7.3256 build 20250913 and later; QuTS hero h5.3.1.3250 build 20250912 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-53406

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later; QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N 1.2 5.2

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-53407

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and later; QuTS hero h5.2.6.3195 build 20250715 and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N 1.2 5.2

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-53408

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-53409

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-53410

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-53411

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-53412

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-53413

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-53414

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later; QuTS hero h5.2.7.3256 build 20250913 and later; QuTS hero h5.3.1.3250 build 20250912 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-53589

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later; QuTS hero h5.2.7.3256 build 20250913 and later; QuTS hero h5.3.1.3250 build 20250912 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-53590

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: QTS 5.2.7.3256 build 20250913 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-53591

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later; QuTS hero h5.2.7.3256 build 20250913 and later; QuTS hero h5.3.1.3250 build 20250912 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-53592

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later; QuTS hero h5.2.7.3256 build 20250913 and later; QuTS hero h5.3.1.3250 build 20250912 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-53593

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later; QuTS hero h5.2.7.3256 build 20250913 and later; QuTS hero h5.3.1.3250 build 20250912 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-53595

An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.2 ( 2025/07/31 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-53596

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later; QuTS hero h5.2.7.3256 build 20250913 and later; QuTS hero h5.3.1.3250 build 20250912 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-53597

A buffer overflow vulnerability has been reported to affect License Center. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: License Center 2.0.36 and later

Products Affected

Vendor Product Version
qnap license_center *
CVE-2025-54153

An SQL injection vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.2 ( 2025/07/31 ) and later

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-54154

An improper authentication vulnerability has been reported to affect QNAP Authenticator. If an attacker gains physical access, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version: QNAP Authenticator 1.3.1.1227 and later

Products Affected

Vendor Product Version
qnap authenticator *
CVE-2025-54155

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-54161

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5068 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-54162

A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5068 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-54163

A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5166 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-54164

An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later; QuTS hero h5.2.7.3256 build 20250913 and later; QuTS hero h5.3.1.3250 build 20250912 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-54165

An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later; QuTS hero h5.2.7.3256 build 20250913 and later; QuTS hero h5.3.1.3250 build 20250912 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-54166

An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later; QuTS hero h5.2.7.3256 build 20250913 and later; QuTS hero h5.3.1.3250 build 20250912 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-54168

A cross-site scripting (XSS) vulnerability has been reported to affect QuLog Center. If a remote attacker gains an administrator account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: QuLog Center 1.8.2.923 ( 2025/08/27 ) and later

Products Affected

Vendor Product Version
qnap qulog_center *
CVE-2025-54169

An out-of-bounds read vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5068 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-54170

An out-of-bounds read vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-57705

An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and later; QuTS hero h5.2.7.3256 build 20250913 and later; QuTS hero h5.3.1.3250 build 20250912 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.0.2851
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-57706

A cross-site scripting (XSS) vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5018 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-57707

An improper neutralization of directives in statically saved code ('Static Code Injection') vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to access restricted data / files. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5166 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-57708

An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-57709

A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 ( 2026/01/20 ) and later

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-57712

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.3 ( 2025/08/28 ) and later

Products Affected

Vendor Product Version
qnap qsync_central *
CVE-2025-57713

A weak authentication vulnerability has been reported to affect File Station 5. Remote attackers can then exploit the vulnerability to gain sensitive information. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5166 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-57714

An unquoted search path or element vulnerability has been reported to affect NetBak Replicator. If a local attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: NetBak Replicator 4.5.15.0807 and later

Products Affected

Vendor Product Version
qnap netbak_replicator *
CVE-2025-58463

A relative path traversal vulnerability has been reported to affect Download Station. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: Download Station 5.10.0.305 (2025/09/16) and later; Download Station 5.10.0.304 (2025/09/08) and later

Products Affected

Vendor Product Version
qnap download_station *
qnap download_station 5.10.0.291
CVE-2025-58464

A relative path traversal vulnerability has been reported to affect QuMagie. If a remote attacker, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: QuMagie 2.7.3 and later

Products Affected

Vendor Product Version
qnap qumagie *
CVE-2025-58465

A cross-site scripting (XSS) vulnerability has been reported to affect Download Station. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following versions: Download Station 5.10.0.305 (2025/09/16) and later; Download Station 5.10.0.304 (2025/09/08) and later

Products Affected

Vendor Product Version
qnap download_station *
qnap download_station 5.10.0.291
CVE-2025-58466

A use of uninitialized variable vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to cause denial of service conditions, or modify control flow in unexpected ways. We have already fixed the vulnerability in the following versions: QTS 5.2.8.3332 build 20251128 and later; QuTS hero h5.2.8.3321 build 20251117 and later

Products Affected

Vendor Product Version
qnap qts 5.2.7.3297
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.7.3256
qnap quts_hero h5.2.7.3297
qnap qts 5.2.0.2851
qnap quts_hero h5.2.7.3256
qnap quts_hero h5.2.0.2851
qnap qts 5.2.8.3332
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap quts_hero h5.2.8.3321
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-58469

A cross-site request forgery (CSRF) vulnerability has been reported to affect QuLog Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version: QuLog Center 1.8.2.927 (2025/09/17) and later

Products Affected

Vendor Product Version
qnap qulog_center *
CVE-2025-59380

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: QTS 5.2.8.3332 build 20251128 and later; QuTS hero h5.2.8.3321 build 20251117 and later

Products Affected

Vendor Product Version
qnap qts 5.2.7.3297
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.7.3256
qnap quts_hero h5.2.7.3297
qnap qts 5.2.0.2851
qnap quts_hero h5.2.7.3256
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-59381

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following versions: QTS 5.2.8.3332 build 20251128 and later; QuTS hero h5.2.8.3321 build 20251117 and later

Products Affected

Vendor Product Version
qnap qts 5.2.7.3297
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.7.3256
qnap quts_hero h5.2.7.3297
qnap qts 5.2.0.2851
qnap quts_hero h5.2.7.3256
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-59384

A path traversal vulnerability has been reported to affect Qfiling. The remote attackers can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qfiling 3.13.1 and later

Products Affected

Vendor Product Version
qnap qfiling 3.13.0
CVE-2025-59385

An authentication bypass by spoofing vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to access resources which are not otherwise accessible without proper authentication. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3297 build 20251024 and later; QuTS hero h5.2.7.3297 build 20251024 and later; QuTS hero h5.3.1.3292 build 20251024 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap quts_hero h5.3.1.3250
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.7.3256
qnap qts 5.2.0.2851
qnap quts_hero h5.2.7.3256
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-59386

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: QuTS hero h5.3.2.3354 build 20251225 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.3.1.3250
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.3.1.3292
qnap quts_hero h5.3.0.3192
qnap quts_hero h5.3.0.3115
CVE-2025-59388

A use of hard-coded password vulnerability has been reported to affect Hyper Data Protector. The remote attackers can then exploit the vulnerability to gain unauthorized access. We have already fixed the vulnerability in the following version: Hyper Data Protector 2.3.1.455 and later

Products Affected

Vendor Product Version
qnap hyper_data_protector *
CVE-2025-59389

An SQL injection vulnerability has been reported to affect Hyper Data Protector. The remote attackers can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: Hyper Data Protector 2.2.4.1 and later

Products Affected

Vendor Product Version
qnap hyper_data_protector *
qnap hyper_data_protector 2.0.0.1115
CVE-2025-62840

A generation of error message containing sensitive information vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If an attacker gains local network access, they can then exploit the vulnerability to read application data. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 26.2.0.938 and later

Products Affected

Vendor Product Version
qnap hybrid_backup_sync *
CVE-2025-62842

An external control of file name or path vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If an attacker gains local network access, they can then exploit the vulnerability to read or modify files or directories. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 26.2.0.938 and later

Products Affected

Vendor Product Version
qnap hybrid_backup_sync *
CVE-2025-62847

An improper neutralization of argument delimiters in a command vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to alter execution logic. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3297 build 20251024 and later; QuTS hero h5.2.7.3297 build 20251024 and later; QuTS hero h5.3.1.3292 build 20251024 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap quts_hero h5.3.1.3250
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.7.3256
qnap qts 5.2.0.2851
qnap quts_hero h5.2.7.3256
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-62848

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3297 build 20251024 and later; QuTS hero h5.2.7.3297 build 20251024 and later; QuTS hero h5.3.1.3292 build 20251024 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap quts_hero h5.3.1.3250
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.7.3256
qnap qts 5.2.0.2851
qnap quts_hero h5.2.7.3256
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-62849

An SQL injection vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3297 build 20251024 and later; QuTS hero h5.2.7.3297 build 20251024 and later; QuTS hero h5.3.1.3292 build 20251024 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap quts_hero h5.3.1.3250
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.7.3256
qnap qts 5.2.0.2851
qnap quts_hero h5.2.7.3256
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-62852

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: QTS 5.2.8.3332 build 20251128 and later

Products Affected

Vendor Product Version
qnap qts 5.2.7.3297
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.7.3256
qnap quts_hero h5.2.7.3297
qnap qts 5.2.0.2851
qnap quts_hero h5.2.7.3256
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2025-62853

A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5166 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-62854

An uncontrolled resource consumption vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5190 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-62855

A path traversal vulnerability has been reported to affect File Station 5. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5190 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-62856

A path traversal vulnerability has been reported to affect File Station 5. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5190 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-62857

A cross-site scripting (XSS) vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: QuMagie 2.8.1 and later

Products Affected

Vendor Product Version
qnap qumagie *
CVE-2025-66274

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following version: QuTS hero h5.3.2.3354 build 20251225 and later

Products Affected

Vendor Product Version
qnap quts_hero h5.3.1.3250
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.3.1.3292
qnap quts_hero h5.3.0.3192
qnap quts_hero h5.3.0.3115
CVE-2025-66277

A link following vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to traverse the file system to unintended locations. We have already fixed the vulnerability in the following versions: QTS 5.2.8.3350 build 20251216 and later; QuTS hero h5.3.2.3354 build 20251225 and later; QuTS hero h5.2.8.3350 build 20251216 and later

Products Affected

Vendor Product Version
qnap qts 5.2.7.3297
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.7.3256
qnap quts_hero h5.2.7.3297
qnap qts 5.2.0.2851
qnap quts_hero h5.2.7.3256
qnap quts_hero h5.2.0.2851
qnap qts 5.2.8.3332
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap quts_hero h5.2.8.3321
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
CVE-2025-66278

A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5190 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2025-9110

An exposure of sensitive system information to an unauthorized control sphere vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to read application data. We have already fixed the vulnerability in the following versions: QTS 5.2.8.3332 build 20251128 and later; QuTS hero h5.2.8.3321 build 20251117 and later; QuTS hero h5.3.1.3250 build 20250912 and later

Products Affected

Vendor Product Version
qnap qts 5.2.7.3297
qnap quts_hero h5.2.0.2737
qnap quts_hero h5.2.0.2789
qnap quts_hero h5.2.0.2802
qnap qts 5.2.4.3070
qnap qts 5.2.4.3079
qnap qts 5.2.0.2802
qnap quts_hero h5.2.4.3070
qnap quts_hero h5.2.1.2929
qnap quts_hero h5.2.1.2940
qnap qts 5.2.4.3092
qnap qts 5.2.0.2782
qnap qts 5.2.0.2860
qnap quts_hero h5.2.3.3006
qnap qts 5.2.2.2950
qnap quts_hero h5.2.5.3138
qnap qts 5.2.1.2930
qnap qts 5.2.0.2737
qnap qts 5.2.7.3256
qnap quts_hero h5.2.7.3297
qnap qts 5.2.0.2851
qnap quts_hero h5.2.7.3256
qnap quts_hero h5.2.0.2851
qnap quts_hero h5.2.2.2952
qnap quts_hero h5.3.0.3145
qnap quts_hero h5.2.6.3195
qnap qts 5.2.0.2744
qnap quts_hero h5.2.0.2823
qnap qts 5.2.6.3229
qnap qts 5.2.3.3006
qnap qts 5.2.5.3145
qnap quts_hero h5.2.0.2860
qnap quts_hero h5.3.0.3192
qnap qts 5.2.6.3195
qnap qts 5.2.0.2823
qnap quts_hero h5.2.0.2782
qnap quts_hero h5.2.4.3079
qnap quts_hero h5.3.0.3115
CVE-2026-22894

A path traversal vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5190 and later

Products Affected

Vendor Product Version
qnap file_station *
CVE-2026-22897

A command injection vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.4.0415 and later

Products Affected

Vendor Product Version
qnap qunetswitch *
CVE-2026-22900

A use of hard-coded credentials vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to gain unauthorized access. We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.5.0906 and later

Products Affected

Vendor Product Version
qnap qunetswitch *
CVE-2026-22901

A command injection vulnerability has been reported to affect QuNetSwitch. If a remote attacker gains a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.5.0906 and later

Products Affected

Vendor Product Version
qnap qunetswitch *
CVE-2026-22902

A command injection vulnerability has been reported to affect QuNetSwitch. If a local attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.5.0906 and later

Products Affected

Vendor Product Version
qnap qunetswitch *