Vulnerabilities > Qnap > QTS > 4.3.4.2451

DATE CVE VULNERABILITY TITLE RISK
2024-03-08 CVE-2024-21899 Improper Authentication vulnerability in Qnap QTS and Quts Hero
An improper authentication vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-287
critical
 9.8
9.8
2024-03-08 CVE-2024-21900 Injection vulnerability in Qnap QTS and Quts Hero
An injection vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-74
6.5
6.5
2024-03-08 CVE-2024-21901 SQL Injection vulnerability in Qnap QTS
A SQL injection vulnerability has been reported to affect myQNAPcloud.
network
low complexity
qnap CWE-89
4.7
4.7
2023-11-03 CVE-2023-39301 Server-Side Request Forgery (SSRF) vulnerability in Qnap QTS
A server-side request forgery (SSRF) vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-918
4.3
4.3
2020-12-10 CVE-2020-2498 Cross-site Scripting vulnerability in Qnap QTS and Quts Hero
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in certificate configuration.
network
low complexity
qnap CWE-79
6.1
6.1