Vulnerabilities > Qnap > QTS > 4.5.4.1715

DATE CVE VULNERABILITY TITLE RISK
2024-03-08 CVE-2024-21899 Improper Authentication vulnerability in Qnap QTS and Quts Hero
An improper authentication vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-287
critical
9.8
2024-03-08 CVE-2024-21900 Injection vulnerability in Qnap QTS and Quts Hero
An injection vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-74
6.5
2024-03-08 CVE-2024-21901 SQL Injection vulnerability in Qnap QTS
A SQL injection vulnerability has been reported to affect myQNAPcloud.
network
low complexity
qnap CWE-89
4.7
2024-02-02 CVE-2023-32967 Incorrect Authorization vulnerability in Qnap QTS and Qutscloud
An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-863
6.5
2024-02-02 CVE-2023-39297 OS Command Injection vulnerability in Qnap Qts, Quts Hero and Qutscloud
An OS command injection vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-78
8.8
2024-02-02 CVE-2023-45025 Command Injection vulnerability in Qnap Qts, Quts Hero and Qutscloud
An OS command injection vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-77
critical
9.8
2024-02-02 CVE-2023-47567 OS Command Injection vulnerability in Qnap Qts, Quts Hero and Qutscloud
An OS command injection vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-78
7.2
2024-02-02 CVE-2023-47568 SQL Injection vulnerability in Qnap Qts, Quts Hero and Qutscloud
A SQL injection vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-89
8.8
2023-12-08 CVE-2023-23372 Cross-site Scripting vulnerability in Qnap QTS and Quts Hero
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-79
6.1
2023-11-03 CVE-2023-23368 OS Command Injection vulnerability in Qnap Qts, Quts Hero and Qutscloud
An OS command injection vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-78
critical
9.8