Vulnerabilities > Qnap > QTS > 4.0

DATE CVE VULNERABILITY TITLE RISK
2024-03-08 CVE-2024-21899 Improper Authentication vulnerability in Qnap QTS and Quts Hero
An improper authentication vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-287
critical
9.8
2024-03-08 CVE-2024-21900 Injection vulnerability in Qnap QTS and Quts Hero
An injection vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-74
6.5
2024-03-08 CVE-2024-21901 SQL Injection vulnerability in Qnap QTS
A SQL injection vulnerability has been reported to affect myQNAPcloud.
network
low complexity
qnap CWE-89
4.7
2023-11-03 CVE-2023-39301 Server-Side Request Forgery (SSRF) vulnerability in Qnap QTS
A server-side request forgery (SSRF) vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-918
4.3
2023-03-29 CVE-2022-27597 Unspecified vulnerability in Qnap products
A vulnerability has been reported to affect QNAP operating systems.
network
low complexity
qnap
2.7
2023-03-29 CVE-2022-27598 Unspecified vulnerability in Qnap products
A vulnerability has been reported to affect QNAP operating systems.
network
low complexity
qnap
2.7
2023-03-29 CVE-2023-23355 Command Injection vulnerability in Qnap products
An OS command injection vulnerability has been reported to affect QNAP operating systems.
network
low complexity
qnap CWE-77
7.2
2022-05-05 CVE-2021-38693 Path Traversal vulnerability in Qnap QTS and Qutscloud
A path traversal vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero, QTS, QVR Pro Appliance.
network
low complexity
qnap CWE-22
5.0
2022-01-07 CVE-2021-38674 Cross-site Scripting vulnerability in Qnap QTS
A cross-site scripting (XSS) vulnerability has been reported to affect QTS, QuTS hero and QuTScloud.
network
qnap CWE-79
4.3
2021-09-10 CVE-2018-19957 Improper Restriction of Rendered UI Layers or Frames vulnerability in Qnap QTS
A vulnerability involving insufficient HTTP security headers has been reported to affect QNAP NAS running QTS, QuTS hero, and QuTScloud.
network
qnap CWE-1021
4.3