Vulnerabilities > Qnap > High

DATE CVE VULNERABILITY TITLE RISK
2023-10-06 CVE-2023-32972 Out-of-bounds Write vulnerability in Qnap QTS and Quts Hero
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions.
network
low complexity
qnap CWE-787
7.2
2023-09-22 CVE-2023-23362 OS Command Injection vulnerability in Qnap QTS and Qutscloud
An OS command injection vulnerability has been reported to affect QNAP operating systems.
network
low complexity
qnap CWE-78
8.8
2023-08-24 CVE-2023-34971 Inadequate Encryption Strength vulnerability in Qnap QTS and Quts Hero
An inadequate encryption strength vulnerability has been reported to affect QNAP operating systems.
low complexity
qnap CWE-326
8.8
2023-03-29 CVE-2023-23355 Command Injection vulnerability in Qnap products
An OS command injection vulnerability has been reported to affect QNAP operating systems.
network
low complexity
qnap CWE-77
7.2
2022-05-26 CVE-2021-34360 Cross-Site Request Forgery (CSRF) vulnerability in Qnap NAS Proxy Server
A cross-site request forgery (CSRF) vulnerability has been reported to affect QNAP device running Proxy Server.
network
low complexity
qnap CWE-352
8.8
2022-05-05 CVE-2021-44051 Command Injection vulnerability in Qnap Qts, Quts Hero and Qutscloud
A command injection vulnerability has been reported to affect QNAP NAS running QuTScloud, QuTS hero and QTS.
network
low complexity
qnap CWE-77
8.8
2022-05-05 CVE-2021-44052 Link Following vulnerability in Qnap Qts, Quts Hero and Qutscloud
An improper link resolution before file access ('Link Following') vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero, and QTS.
network
low complexity
qnap CWE-59
8.1
2021-12-29 CVE-2021-38688 Unspecified vulnerability in Qnap Qfile
An improper authentication vulnerability has been reported to affect Android App Qfile.
network
low complexity
qnap
7.5
2021-11-26 CVE-2021-38686 Unspecified vulnerability in Qnap QVR 5.1.5
An improper authentication vulnerability has been reported to affect QNAP device, VioStor.
network
low complexity
qnap
8.8
2021-11-20 CVE-2021-34358 Unspecified vulnerability in Qnap Qmailagent
We have already fixed this vulnerability in the following versions of QmailAgent: QmailAgent 3.0.2 ( 2021/08/25 ) and later
network
low complexity
qnap
8.8