Vulnerabilities > Qnap
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-05 | CVE-2019-7192 | Incorrect Authorization vulnerability in Qnap Photo Station This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. | 9.8 |
| 2019-12-05 | CVE-2019-7185 | Cross-site Scripting vulnerability in Qnap Music Station This cross-site scripting (XSS) vulnerability in Music Station allows remote attackers to inject and execute scripts on the administrator’s management console. | 4.8 |
| 2019-12-05 | CVE-2019-7184 | Cross-site Scripting vulnerability in Qnap Video Station This cross-site scripting (XSS) vulnerability in Video Station allows remote attackers to inject and execute scripts on the administrator’s management console. | 4.8 |
| 2019-12-05 | CVE-2019-7183 | Link Following vulnerability in Qnap QTS This improper link resolution vulnerability allows remote attackers to access system files. | 9.8 |
| 2019-12-04 | CVE-2019-7201 | Unquoted Search Path or Element vulnerability in Qnap Netbak Replicator 4.5.11.816 An unquoted service path vulnerability is reported to affect the service QVssService in QNAP NetBak Replicator. | 7.8 |
| 2019-12-04 | CVE-2019-7197 | Cross-site Scripting vulnerability in Qnap QTS A stored cross-site scripting (XSS) vulnerability has been reported to affect multiple versions of QTS. | 4.8 |
| 2019-12-04 | CVE-2018-0730 | Command Injection vulnerability in Qnap QTS This command injection vulnerability in File Station allows attackers to execute commands on the affected device. | 9.8 |
| 2019-12-04 | CVE-2018-0729 | Command Injection vulnerability in Qnap Music Station This command injection vulnerability in Music Station allows attackers to execute commands on the affected device. | 9.8 |
| 2019-12-04 | CVE-2018-0728 | Improper Privilege Management vulnerability in Qnap Helpdesk This improper access control vulnerability in Helpdesk allows attackers to access the system logs. | 7.5 |
| 2019-05-09 | CVE-2019-7181 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qnap Myqnapcloud 1.0.52/1.3.3.0925 Buffer Overflow vulnerability in myQNAPcloud Connect 1.3.3.0925 and earlier could allow remote attackers to crash the program. | 7.5 |