Vulnerabilities > Qsan > Sanos > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-07 | CVE-2021-32521 | Use of Hard-coded Credentials vulnerability in Qsan Sanos, Storage Manager and Xevo Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local attackers to escalate privileges. | 7.5 |
| 2021-07-07 | CVE-2021-32529 | Command Injection vulnerability in Qsan Sanos and Xevo Command injection vulnerability in QSAN XEVO, SANOS allows remote unauthenticated attackers to execute arbitrary commands. | 7.5 |
| 2021-07-07 | CVE-2021-32533 | OS Command Injection vulnerability in Qsan Sanos 2.0.0 The QSAN SANOS setting page does not filter special parameters. | 7.5 |
| 2021-07-07 | CVE-2021-32534 | OS Command Injection vulnerability in Qsan Sanos 2.0.0 QSAN SANOS factory reset function does not filter special parameters. | 7.5 |
| 2021-07-07 | CVE-2021-32535 | Use of Hard-coded Credentials vulnerability in Qsan Sanos 2.0.0 The vulnerability of hard-coded default credentials in QSAN SANOS allows unauthenticated remote attackers to obtain administrator’s permission and execute arbitrary functions. | 7.5 |