Vulnerabilities > Qnap
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-13 | CVE-2018-0714 | Command Injection vulnerability in Qnap Helpdesk Command injection vulnerability in Helpdesk versions 1.1.21 and earlier in QNAP QTS 4.2.6 build 20180531, QTS 4.3.3 build 20180528, QTS 4.3.4 build 20180528 and their earlier versions could allow remote attackers to run arbitrary commands in the compromised application. | 9.8 |
| 2018-07-17 | CVE-2018-0710 | OS Command Injection vulnerability in Qnap Q'Center Command injection vulnerability in SSH of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands. | 8.8 |
| 2018-07-17 | CVE-2018-0709 | OS Command Injection vulnerability in Qnap Q'Center Command injection vulnerability in date of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands. | 8.8 |
| 2018-07-17 | CVE-2018-0708 | OS Command Injection vulnerability in Qnap Q'Center Command injection vulnerability in networking of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands. | 8.8 |
| 2018-07-17 | CVE-2018-0707 | OS Command Injection vulnerability in Qnap Q'Center Command injection vulnerability in change password of QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to run arbitrary commands. | 7.2 |
| 2018-07-17 | CVE-2018-0706 | Unspecified vulnerability in Qnap Q'Center Exposure of Private Information in QNAP Q'center Virtual Appliance version 1.7.1063 and earlier could allow authenticated users to access sensitive information. | 8.8 |
| 2018-06-21 | CVE-2018-0712 | Command Injection vulnerability in Qnap QTS Command injection vulnerability in LDAP Server in QNAP QTS 4.2.6 build 20171208, QTS 4.3.3 build 20180402, QTS 4.3.4 build 20180413 and their earlier versions could allow remote attackers to run arbitrary commands or install malware on the NAS. | 9.8 |
| 2018-06-21 | CVE-2017-13072 | Cross-site Scripting vulnerability in Qnap QTS 4.2.6/4.3.3/4.3.4 Cross-site scripting (XSS) vulnerability in App Center in QNAP QTS 4.2.6 build 20171208, QTS 4.3.3 build 20171213, QTS 4.3.4 build 20171223, and their earlier versions could allow remote attackers to inject Javascript code. | 6.1 |
| 2018-06-05 | CVE-2017-7639 | Improper Authentication vulnerability in Qnap NAS Proxy Server QNAP NAS application Proxy Server through version 1.2.0 does not authenticate requests properly. | 5.3 |
| 2018-06-05 | CVE-2017-7637 | OS Command Injection vulnerability in Qnap NAS Proxy Server QNAP NAS application Proxy Server through version 1.2.0 allows remote attackers to run arbitrary OS commands against the system with root privileges. | 9.8 |