Vulnerabilities > Qnap > QTS > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-27 | CVE-2017-7630 | Information Exposure vulnerability in Qnap QTS 4.2.6/4.3.3 QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier allows remote attackers to obtain potentially sensitive information (firmware version and running services) via a request to sysinfoReq.cgi. | 5.3 |
| 2016-07-03 | CVE-2015-5664 | Cross-site Scripting vulnerability in Qnap QTS Cross-site scripting (XSS) vulnerability in File Station in QNAP QTS before 4.2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |