QNAP Latest Vulnerabilities

December 19

Insecure Library Loading Vulnerability in QVPN Device Client

CVE-2022-27595
QNAPQvpn Windows7.8HIGH

Uncontrolled Resource Consumption Vulnerability in QNAP Operating Systems

CVE-2022-27600
QNAPQts6.8MEDIUM

Cross-Site Scripting Vulnerability in QNAP Operating Systems

CVE-2023-23354
QNAPQulog Center7.3HIGH

Command Injection Vulnerability in QNAP Operating Systems

CVE-2023-23356
QNAPQufirewall5.5MEDIUM

Cross-Site Scripting Vulnerability in QNAP Products

CVE-2023-23357
QNAPQulog Center4.8MEDIUM

December 6

QNAP Fixes Remote Authentication Vulnerability Affecting QTS, QuTS Hero

CVE-2024-48859
QNAP

QTS, QuTS hero

CVE-2024-50393
QNAPQts

November 22

QHora

CVE-2024-48861
QNAPQurouter

September 6

Download Station Vulnerability to Inject Malicious Code via Network

CVE-2024-38640
QNAPDownload Station5.4MEDIUM

QuMagie Vulnerability Could Allow Local Network Users to Compromise Security

CVE-2024-38642
QNAPQumagie7.8HIGH

QNAP OS Command Injection Vulnerability

CVE-2024-38641
QNAPQts7.8HIGH

Buffer Copy Without Checking Size of Input Vulnerability

CVE-2024-32763
QNAPQts8.8HIGH

OS Command Injection Vulnerability Affects QNAP QTS Versions

CVE-2024-21906
QNAPQts4.7MEDIUM

QNAP Addresses OS Command Injection Vulnerability

CVE-2023-34979
QNAPQts7.2HIGH

QNAP QTS Vulnerability Affects Multiple Versions, Fix Released

CVE-2023-34974
QNAPQts8.8HIGH

QuLog Center XSS Vulnerability

CVE-2024-32762
QNAPQulog Center6.1MEDIUM

Helpdesk Plugs Cross-Site Scripting Flaw

CVE-2024-27125
QNAPHelpdesk4.8MEDIUM

QNAP QTS Vulnerability: Arbitrary Authentication Attempts Allowed

CVE-2024-32771
QNAPQts2.4LOW

QNAP QTS Vulnerability: Local Auth Bypass Could Allow Data Breaches

CVE-2023-39298
QNAPQts7.8HIGH

QTS Vulnerability Could Allow Command Injection Via Network

CVE-2023-39300
QNAPQts7.2HIGH

Music Station Vulnerability: Improper Authentication Exposes System Security via Network

CVE-2023-45038
QNAPMusic Station8.8HIGH

Video Station SQL Injection Vulnerability

CVE-2023-50360
QNAPVideo Station8.8HIGH

Video Station OS Command Injection Vulnerability

CVE-2023-47563
QNAPVideo Station8.8HIGH

QNAP Fixes Path Traversal Vulnerability

CVE-2024-21904
QNAPQts6.5MEDIUM

Unauthorized Code Execution Vulnerability Affects QVR Smart Client

CVE-2022-27592
QNAPQvr Smart Client6.7MEDIUM

IBM Notes Station 3 Vulnerable to Cross-Site Scripting (XSS) Attacks

CVE-2024-27126
QNAPNotes Station 35.4MEDIUM

Notes Station 3 Vulnerable to XSS Attacks

CVE-2024-27122
QNAPNotes Station 35.4MEDIUM

QNAP Addresses OS Command Injection Vulnerability in Several Operating System Versions

CVE-2024-21903
QNAPQts4.7MEDIUM

QNAP OS Command Injection Vulnerability

CVE-2024-21898
QNAPQts8.8HIGH

QNAP Operating System Versions Vulnerable to Cross-Site Scripting (XSS) Attack

CVE-2024-21897
QNAPQts5.4MEDIUM

QNAP OS Versions Vulnerable to NULL Pointer Dereference Attack

CVE-2023-51368
QNAPQts6.5MEDIUM

Buffer Copy Vulnerability Affects QNAP Operating Systems

CVE-2023-51367
QNAPQts8.8HIGH

QNAP Addresses Path Traversal Vulnerability in Multiple OS Versions

CVE-2023-51366
QNAPQts6.5MEDIUM

QNAP Fixes Cross-Site Scripting Vulnerability in Select Operating System Versions

CVE-2023-50366
QNAPQts4.8MEDIUM

August 12

QTS Vulnerability Fix

CVE-2024-32765
QNAPQts4.2MEDIUM

May 21

Buffer Copy Vulnerability Affects QNAP Operating System Versions

CVE-2024-27130
QNAPQts😄👾8.8HIGH

Buffer Copy Vulnerability Affects QNAP Operating System Versions

CVE-2024-27129
QNAPQts8.8HIGH

Buffer Copy Vulnerability Affects QNAP Operating System Versions

CVE-2024-27128
QNAPQts8.8HIGH

QNAP QTS Vulnerability: Authenticated Execution of Arbitrary Code via Network

CVE-2024-27127
QNAPQts8.8HIGH

Critical Resource Vulnerability Affects QTS Operating System Versions

CVE-2024-21902
QNAPQts8.1HIGH

April 26

Buffer Copy Vulnerability Affects QNAP Operating System Versions

CVE-2023-50361
QNAPQts8.8HIGH

Buffer Copy Vulnerability Affects QNAP Operating System Versions

CVE-2023-50362
QNAPQts8.8HIGH

QNAP QTS Operating System Vulnerability Affects Multiple Versions

CVE-2024-32766
QNAP👾

QNAP QTS Vulnerability Affects Multiple Versions, Fix Released

CVE-2023-51364
QNAP

QNAP Operating System Vulnerability Affects System Security via Network

CVE-2024-21905
QNAPQts6.5MEDIUM

Critical Function Vulnerability Affects myQNAPcloud Link, Fix Available in Version 2.4.51 and Later

CVE-2024-32764
QNAP

QNAP QTS Vulnerability Affects Multiple Versions, Fix Released

CVE-2023-51365
QNAP

Buffer Copy Vulnerability Affects QNAP Operating System Versions

CVE-2023-50364
QNAPQts8.8HIGH

Incorrect Authorization Vulnerability Affects QNAP Operating System Versions

CVE-2023-50363
QNAPQts8.1HIGH

QNAP QTS Operating System Vulnerability Affects Multiple Versions

CVE-2024-27124
QNAPQts7.5HIGH

QuFirewall Path Traversal Vulnerability Could Expose Sensitive Data

CVE-2023-41290
QNAPQufirewall4.1MEDIUM

QuFirewall Path Traversal Vulnerability Could Expose Sensitive Data

CVE-2023-41291
QNAPQufirewall5.5MEDIUM

March 8

SQL Injection Vulnerability Affects myQNAPcloud

CVE-2024-21901
QNAPMyqnapcloud4.7MEDIUM

QNAP Operating System Vulnerability Affects Authenticated Users

CVE-2024-21900
QNAPQts6.5MEDIUM

QNAP Fixes Improper Authentication Vulnerability Affecting Multiple Versions of QTS

CVE-2024-21899
QNAPQts👾9.8CRITICAL

QuTScloud Cross-Site Scripting Vulnerability

CVE-2023-32969
QNAPQutscloud4.9MEDIUM

OS Command Injection Vulnerability Affects QNAP Operating System Versions

CVE-2023-34980
QNAPQts5.9MEDIUM

Photo Station Vulnerability: Authenticated Admins at Risk of Exposing Sensitive Data

CVE-2023-47221
QNAPPhoto Station5.5MEDIUM

February 13

QTS, QuTS hero, QuTScloud

CVE-2023-50358
QNAPQTS👾5.8MEDIUM

QNAP OS Command Injection Vulnerability Affects Multiple Versions

CVE-2023-47218
QNAPQTS👾5.8MEDIUM

February 2

QNAP Operating System Vulnerability Could Lead to Crash or Unintended Behaviors

CVE-2023-50359
QNAPQts3.4LOW

QNAP QTS Vulnerability: SQL Injection Risk Affects Multiple Versions

CVE-2023-47568
QNAPQts8.8HIGH

QNAP QTS Operating System Vulnerability Affects Multiple Versions

CVE-2023-47567
QNAPQts4.7MEDIUM

QTS, QuTS hero, QuTScloud

CVE-2023-47566
QNAPQTS7.2HIGH

Qsync Central

CVE-2023-47564
QNAPQsync Central👾8HIGH

Photo Station

CVE-2023-47562
QNAPPhoto Station7.4HIGH

Photo Station

CVE-2023-47561
QNAPPhoto Station5.5MEDIUM

QTS, QuTS hero, QuTScloud

CVE-2023-45037
QNAPQTS7.2HIGH

QTS, QuTS hero, QuTScloud

CVE-2023-45036
QNAPQTS7.2HIGH

QTS, QuTS hero, QuTScloud

CVE-2023-45035
QNAPQTS7.2HIGH

QTS, QuTS hero, QuTScloud

CVE-2023-45028
QNAPQTS4.9MEDIUM

QTS, QuTS hero, QuTScloud

CVE-2023-45027
QNAPQts5.5MEDIUM

QTS, QuTS hero, QuTScloud

CVE-2023-45026
QNAPQts5.5MEDIUM

QTS, QuTS hero, QuTScloud

CVE-2023-45025
QNAPQTS9.8CRITICAL

QTS, QuTS hero, QuTScloud

CVE-2023-41292
QNAPQTS7.2HIGH

QTS, QuTS hero, QuTScloud

CVE-2023-41283
QNAPQts5.5MEDIUM

QTS, QuTS hero, QuTScloud

CVE-2023-41282
QNAPQts5.5MEDIUM

QTS, QuTS hero, QuTScloud

CVE-2023-41281
QNAPQTS7.2HIGH

QTS, QuTS hero, QuTScloud

CVE-2023-41280
QNAPQts5.5MEDIUM

QTS, QuTS hero, QuTScloud

CVE-2023-41279
QNAPQts5.5MEDIUM

QTS, QuTS hero, QuTScloud

CVE-2023-41278
QNAPQts5.5MEDIUM

QTS, QuTS hero, QuTScloud

CVE-2023-41277
QNAPQTS7.2HIGH

QTS, QuTS hero, QuTScloud

CVE-2023-41276
QNAPQTS7.2HIGH

QTS, QuTS hero, QuTScloud

CVE-2023-41275
QNAPQTS7.2HIGH

QTS, QuTS hero, QuTScloud

CVE-2023-41274
QNAPQts5.5MEDIUM

QTS, QuTS hero, QuTScloud

CVE-2023-41273
QNAPQTS7.2HIGH

QTS, QuTS hero, QuTScloud

CVE-2023-39303
QNAPQts5.3MEDIUM

QTS, QuTS hero, QuTScloud

CVE-2023-39297
QNAPQTS8.8HIGH

QTS, QuTS hero, QuTScloud

CVE-2023-39302
QNAPQts6.6MEDIUM

QTS, QuTScloud

CVE-2023-32967
QNAPQutscloud5MEDIUM

January 5

QTS, QuTS hero

CVE-2023-45040
QNAPQTS3.8LOW

QcalAgent

CVE-2023-41289
QNAPQcalAgent6.3MEDIUM

QTS, QuTS hero

CVE-2023-45039
QNAPQts3.8LOW

QTS, QuTS hero

CVE-2023-45042
QNAPQuTS hero3.8LOW

QuMagie

CVE-2023-47559
QNAPQuMagie5.5MEDIUM

Video Station

CVE-2023-41288
QNAPVideo Station8.8HIGH

QTS, QuTS hero

CVE-2023-45044
QNAPQuTS hero3.8LOW

QTS, QuTS hero

CVE-2023-39294
QNAPQts6.6MEDIUM

QTS, QuTS hero

CVE-2023-45041
QNAPQuTS hero3.8LOW

QuMagie

CVE-2023-47219
QNAPQuMagie3.5LOW