Vulnerabilities > Qnap > Qutscloud > c4.5.1

DATE CVE VULNERABILITY TITLE RISK
2024-03-08 CVE-2024-21899 Improper Authentication vulnerability in Qnap QTS and Quts Hero
An improper authentication vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-287
critical
9.8
2024-03-08 CVE-2024-21900 Injection vulnerability in Qnap QTS and Quts Hero
An injection vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-74
6.5
2023-11-03 CVE-2023-39301 Server-Side Request Forgery (SSRF) vulnerability in Qnap QTS
A server-side request forgery (SSRF) vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-918
4.3
2022-05-05 CVE-2021-38693 Path Traversal vulnerability in Qnap QTS and Qutscloud
A path traversal vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero, QTS, QVR Pro Appliance.
network
low complexity
qnap CWE-22
5.0
2022-05-05 CVE-2021-44051 Command Injection vulnerability in Qnap Qts, Quts Hero and Qutscloud
A command injection vulnerability has been reported to affect QNAP NAS running QuTScloud, QuTS hero and QTS.
network
low complexity
qnap CWE-77
8.8
2022-05-05 CVE-2021-44052 Link Following vulnerability in Qnap Qts, Quts Hero and Qutscloud
An improper link resolution before file access ('Link Following') vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero, and QTS.
network
low complexity
qnap CWE-59
8.1
2022-05-05 CVE-2021-44053 Cross-site Scripting vulnerability in Qnap Qts, Quts Hero and Qutscloud
A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QTS, QuTS hero and QuTScloud.
network
low complexity
qnap CWE-79
6.1
2022-05-05 CVE-2021-44054 Open Redirect vulnerability in Qnap Qts, Quts Hero and Qutscloud
An open redirect vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero and QTS.
network
low complexity
qnap CWE-601
6.1
2022-01-07 CVE-2021-38674 Cross-site Scripting vulnerability in Qnap QTS
A cross-site scripting (XSS) vulnerability has been reported to affect QTS, QuTS hero and QuTScloud.
network
qnap CWE-79
4.3
2021-09-10 CVE-2018-19957 Improper Restriction of Rendered UI Layers or Frames vulnerability in Qnap QTS
A vulnerability involving insufficient HTTP security headers has been reported to affect QNAP NAS running QTS, QuTS hero, and QuTScloud.
network
qnap CWE-1021
4.3