Vulnerabilities > Qnap > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-13 | CVE-2020-36197 | Improper Access Control vulnerability in Qnap Music Station An improper access control vulnerability has been reported to affect earlier versions of Music Station. | 8.8 |
| 2021-01-11 | CVE-2020-2508 | Command Injection vulnerability in Qnap QTS A command injection vulnerability has been reported to affect QTS and QuTS hero. | 7.2 |
| 2020-12-31 | CVE-2018-19944 | Cleartext Transmission of Sensitive Information vulnerability in Qnap QTS A cleartext transmission of sensitive information vulnerability has been reported to affect certain QTS devices. | 7.5 |
| 2020-12-31 | CVE-2018-19941 | Cleartext Storage of Sensitive Information vulnerability in Qnap QTS A vulnerability has been reported to affect QNAP NAS. | 7.5 |
| 2020-12-29 | CVE-2020-25847 | Command Injection vulnerability in Qnap QTS and Quts Hero This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. | 8.8 |
| 2020-12-24 | CVE-2020-2504 | Path Traversal vulnerability in Qnap QES If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station. | 7.5 |
| 2020-12-24 | CVE-2020-2499 | Use of Hard-coded Credentials vulnerability in Qnap QES A hard-coded password vulnerability has been reported to affect earlier versions of QES. | 7.2 |
| 2020-11-16 | CVE-2020-2492 | Command Injection vulnerability in Qnap QTS If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. | 7.2 |
| 2020-11-16 | CVE-2020-2490 | Command Injection vulnerability in Qnap QTS If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. | 7.2 |
| 2020-11-02 | CVE-2018-19952 | SQL Injection vulnerability in Qnap Music Station If exploited, this SQL injection vulnerability could allow remote attackers to obtain application information. | 7.5 |