Vulnerabilities > Qnap > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-31 | CVE-2018-19945 | Path Traversal vulnerability in Qnap QTS A vulnerability has been reported to affect earlier QNAP devices running QTS 4.3.4 to 4.3.6. | 9.1 |
| 2020-12-10 | CVE-2019-7198 | Command Injection vulnerability in Qnap QTS and Quts Hero This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. | 9.8 |
| 2020-11-02 | CVE-2018-19950 | Command Injection vulnerability in Qnap Music Station If exploited, this command injection vulnerability could allow remote attackers to execute arbitrary commands. | 9.8 |
| 2020-10-28 | CVE-2018-19949 | Command Injection vulnerability in Qnap QTS If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. | 9.8 |
| 2019-12-05 | CVE-2019-7195 | Path Traversal vulnerability in Qnap Photo Station This external control of file name or path vulnerability allows remote attackers to access or modify system files. | 9.8 |
| 2019-12-05 | CVE-2019-7194 | Path Traversal vulnerability in Qnap Photo Station This external control of file name or path vulnerability allows remote attackers to access or modify system files. | 9.8 |
| 2019-12-05 | CVE-2019-7193 | Improper Input Validation vulnerability in Qnap QTS This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system. | 9.8 |
| 2019-12-05 | CVE-2019-7192 | Incorrect Authorization vulnerability in Qnap Photo Station This improper access control vulnerability allows remote attackers to gain unauthorized access to the system. | 9.8 |
| 2019-12-05 | CVE-2019-7183 | Link Following vulnerability in Qnap QTS This improper link resolution vulnerability allows remote attackers to access system files. | 9.8 |
| 2019-12-04 | CVE-2018-0730 | Command Injection vulnerability in Qnap QTS This command injection vulnerability in File Station allows attackers to execute commands on the affected device. | 9.8 |