Vulnerabilities > Qnap > QTS

DATE CVE VULNERABILITY TITLE RISK
2020-10-28 CVE-2018-19953 Cross-site Scripting vulnerability in Qnap QTS
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code.
network
qnap CWE-79
4.3
4.3
2020-10-28 CVE-2018-19949 Command Injection vulnerability in Qnap QTS
If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands.
network
low complexity
qnap CWE-77
7.5
7.5
2020-10-28 CVE-2018-19943 Cross-site Scripting vulnerability in Qnap QTS
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code.
network
qnap CWE-79
3.5
3.5
2019-12-05 CVE-2019-7193 Improper Input Validation vulnerability in Qnap QTS
This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system.
network
low complexity
qnap CWE-20
critical
 10.0
10
2019-12-05 CVE-2019-7183 Link Following vulnerability in Qnap QTS
This improper link resolution vulnerability allows remote attackers to access system files.
network
low complexity
qnap CWE-59
7.5
7.5
2019-12-04 CVE-2019-7197 Cross-site Scripting vulnerability in Qnap QTS
A stored cross-site scripting (XSS) vulnerability has been reported to affect multiple versions of QTS.
network
qnap CWE-79
3.5
3.5
2019-12-04 CVE-2018-0730 Command Injection vulnerability in Qnap QTS
This command injection vulnerability in File Station allows attackers to execute commands on the affected device.
network
low complexity
qnap CWE-77
7.5
7.5
2019-12-04 CVE-2018-0729 Command Injection vulnerability in Qnap Music Station
This command injection vulnerability in Music Station allows attackers to execute commands on the affected device.
network
low complexity
qnap CWE-77
7.5
7.5
2019-12-04 CVE-2018-0728 Improper Privilege Management vulnerability in Qnap Helpdesk
This improper access control vulnerability in Helpdesk allows attackers to access the system logs.
network
low complexity
qnap CWE-269
5.0
5.0
2019-02-01 CVE-2018-0722 Path Traversal vulnerability in Qnap Photo Station
Path Traversal vulnerability in Photo Station versions: 5.7.2 and earlier in QTS 4.3.4, 5.4.4 and earlier in QTS 4.3.3, 5.2.8 and earlier in QTS 4.2.6 could allow remote attackers to access sensitive information on the device.
network
low complexity
qnap CWE-22
5.0
5.0