Vulnerabilities > Qnap

DATE CVE VULNERABILITY TITLE RISK
2021-07-08 CVE-2021-28809 Missing Authentication for Critical Function vulnerability in Qnap Hybrid Backup Sync 3.0.210411/3.0.210412
An improper access control vulnerability has been reported to affect certain legacy versions of HBS 3.
network
low complexity
qnap CWE-306
critical
10.0
2021-07-01 CVE-2020-36194 Cross-Site Scripting vulnerability in Qnap QTS
An XSS vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero.
network
qnap CWE-79
4.3
2021-07-01 CVE-2020-36196 Cross-Site Scripting vulnerability in Qnap Qulog Center
A stored XSS vulnerability has been reported to affect QNAP NAS running QuLog Center.
network
qnap CWE-79
4.3
2021-07-01 CVE-2021-28802 OS Command Injection vulnerability in Qnap QTS
A command injection vulnerabilities have been reported to affect QTS and QuTS hero.
network
low complexity
qnap CWE-78
7.5
2021-07-01 CVE-2021-28803 Improper Neutralization of Script-Related Html Tags in A web Page (Basic XSS) vulnerability in Qnap Q'Center
This issue affects: QNAP Systems Inc.
network
qnap CWE-80
3.5
2021-07-01 CVE-2021-28804 OS Command Injection vulnerability in Qnap QTS
A command injection vulnerabilities have been reported to affect QTS and QuTS hero.
network
low complexity
qnap CWE-78
7.5
2021-06-24 CVE-2021-28800 OS Command Injection vulnerability in Qnap QTS
A command injection vulnerability has been reported to affect QNAP NAS running legacy versions of QTS.
network
low complexity
qnap CWE-78
7.5
2021-06-16 CVE-2021-28815 Insecure Storage of Sensitive Information vulnerability in Qnap Myqnapcloud Link
Insecure storage of sensitive information has been reported to affect QNAP NAS running myQNAPcloud Link.
network
low complexity
qnap CWE-922
4.0
2021-06-11 CVE-2021-28801 Out-Of-Bounds Read vulnerability in Qnap QSS
An out-of-bounds read vulnerability has been reported to affect certain QNAP switches running QSS.
network
low complexity
qnap CWE-125
5.0
2021-06-11 CVE-2021-28805 Information Exposure vulnerability in Qnap QSS 1.0.2/1.0.3
Inclusion of sensitive information in the source code has been reported to affect certain QNAP switches running QSS.
local
low complexity
qnap CWE-200
2.1