Vulnerabilities > Qnap
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-28 | CVE-2018-19949 | Command Injection vulnerability in Qnap QTS If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. | 9.8 |
| 2020-10-28 | CVE-2018-19943 | Cross-site Scripting vulnerability in Qnap QTS If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. | 5.4 |
| 2020-09-11 | CVE-2018-19948 | Cross-Site Request Forgery (CSRF) vulnerability in Qnap Helpdesk The vulnerability have been reported to affect earlier versions of Helpdesk. | 6.5 |
| 2020-09-11 | CVE-2018-19947 | Information Exposure Through an Error Message vulnerability in Qnap Helpdesk The vulnerability have been reported to affect earlier versions of Helpdesk. | 6.5 |
| 2020-09-11 | CVE-2018-19946 | Improper Certificate Validation vulnerability in Qnap Helpdesk The vulnerability have been reported to affect earlier versions of Helpdesk. | 5.9 |
| 2020-07-01 | CVE-2020-2500 | Use of Hard-coded Credentials vulnerability in Qnap Helpdesk This improper access control vulnerability in Helpdesk allows attackers to get control of QNAP Kayako service. | 6.5 |
| 2020-02-13 | CVE-2013-6277 | Use of Hard-coded Credentials vulnerability in Qnap Viocard 300 Firmware Rsb3722/Rsb4631 QNAP VioCard 300 has hardcoded RSA private keys. | 7.5 |
| 2019-12-05 | CVE-2019-7195 | Path Traversal vulnerability in Qnap Photo Station This external control of file name or path vulnerability allows remote attackers to access or modify system files. | 9.8 |
| 2019-12-05 | CVE-2019-7194 | Path Traversal vulnerability in Qnap Photo Station This external control of file name or path vulnerability allows remote attackers to access or modify system files. | 9.8 |
| 2019-12-05 | CVE-2019-7193 | Improper Input Validation vulnerability in Qnap QTS This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system. | 9.8 |