Home/Product/qnap quts hero
Product

qnap quts hero

223 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-14026
all versions
A command injection vulnerability has been reported to affect several QNAP operating system versions. If an attacker gains local n
7.8HIGH
 CVE-2025-66277
all versions
A link following vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then e
9.8CRITICAL
 CVE-2025-66274
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-59386
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-58466
all versions
A use of uninitialized variable vulnerability has been reported to affect several QNAP operating system versions. If a remote atta
4.9MEDIUM
 CVE-2025-48725
all versions
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a u
8.1HIGH
 CVE-2025-47205
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-9110
all versions
An exposure of sensitive system information to an unauthorized control sphere vulnerability has been reported to affect several QN
7.5HIGH
 CVE-2025-62852
all versions
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an
6.5MEDIUM
 CVE-2025-59381
all versions
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an a
4.9MEDIUM
 CVE-2025-59380
all versions
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an a
4.9MEDIUM
 CVE-2025-48721
all versions
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an
6.5MEDIUM
 CVE-2025-57705
all versions
An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system ve
4.9MEDIUM
 CVE-2025-54166
all versions
An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains
4.9MEDIUM
 CVE-2025-54165
all versions
An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains
4.9MEDIUM
 CVE-2025-54164
all versions
An out-of-bounds read vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains
4.9MEDIUM
 CVE-2025-53596
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-53593
all versions
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an
6.5MEDIUM
 CVE-2025-53592
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
6.5MEDIUM
 CVE-2025-53591
all versions
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If
6.5MEDIUM
 CVE-2025-53590
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-53589
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-53414
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-53405
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-52872
all versions
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a u
8.1HIGH
 CVE-2025-52864
all versions
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a u
8.1HIGH
 CVE-2025-52863
all versions
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a u
8.1HIGH
 CVE-2025-52431
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-52430
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-52426
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-47208
all versions
An allocation of resources without limits or throttling vulnerability has been reported to affect several QNAP operating system ve
6.5MEDIUM
 CVE-2025-44013
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
6.5MEDIUM
 CVE-2025-62849
all versions
An SQL injection vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then e
9.8CRITICAL
 CVE-2025-62848
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. The remote attackers
7.5HIGH
 CVE-2025-62847
all versions
An improper neutralization of argument delimiters in a command vulnerability has been reported to affect several QNAP operating sy
7.5HIGH
 CVE-2025-59385
all versions
An authentication bypass by spoofing vulnerability has been reported to affect several QNAP operating system versions. The remote
9.8CRITICAL
 CVE-2025-53407
all versions
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If
6.5MEDIUM
 CVE-2025-53406
all versions
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If
6.5MEDIUM
 CVE-2025-52866
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-52862
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-52860
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-52859
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-52858
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-52857
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-52855
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-52854
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-52853
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-52433
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-52432
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-52429
all versions
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If
6.5MEDIUM
 CVE-2025-52428
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-52427
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-52424
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-48730
all versions
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If
6.5MEDIUM
 CVE-2025-48729
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-48728
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-48727
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-48726
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-47214
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-47213
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
4.9MEDIUM
 CVE-2025-47212
all versions
A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a
7.2HIGH
 CVE-2025-47211
all versions
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an a
4.9MEDIUM
 CVE-2025-33032
all versions
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an a
4.9MEDIUM
 CVE-2025-30274
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If can then exploit
6.5MEDIUM
 CVE-2025-30273
all versions
An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gain
8.1HIGH
 CVE-2025-30272
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If can then exploit
6.5MEDIUM
 CVE-2025-30271
all versions
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a us
6.5MEDIUM
 CVE-2025-30270
all versions
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a us
6.5MEDIUM
 CVE-2025-30268
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
6.5MEDIUM
 CVE-2025-30267
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
6.5MEDIUM
 CVE-2025-30265
all versions
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a u
6.5MEDIUM
 CVE-2025-30264
all versions
A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a
8.8HIGH
 CVE-2025-29882
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
6.5MEDIUM
 CVE-2025-22481
all versions
A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerabil
8.8HIGH
 CVE-2024-56805
all versions
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerabilit
5.4MEDIUM
 CVE-2024-53699
all versions
An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnera
7.2HIGH
 CVE-2024-53698
all versions
A double free vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability co
4.9MEDIUM
 CVE-2024-53697
all versions
An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnera
7.2HIGH
 CVE-2024-53696
>= h4.5.0 and < h4.5.4.2476
A server-side request forgery (SSRF) vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could
4.9MEDIUM
 CVE-2024-53693
all versions
An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating s
7.1HIGH
 CVE-2024-53692
all versions
A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerabil
4.7MEDIUM
 CVE-2024-50405
all versions
An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating s
5.5MEDIUM
 CVE-2024-38638
all versions
An out-of-bounds write vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnera
7.2HIGH
 CVE-2024-13086
>= h5.0.0 and < h5.2.0.2851
An exposure of sensitive information vulnerability has been reported to affect product. If exploited, the vulnerability could allo
5.3MEDIUM
 CVE-2022-27600
>= h4.5.1 and < h4.5.4.2374
An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploite
6.8MEDIUM
 CVE-2024-53691
all versions
A link following vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability
8.8HIGH
 CVE-2024-50403
all versions
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If
7.2HIGH
 CVE-2024-50402
all versions
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If
7.2HIGH
 CVE-2024-50393
all versions
A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerabil
9.8CRITICAL
 CVE-2024-48868
all versions
An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating s
7.5HIGH
 CVE-2024-48867
all versions
An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating s
7.5HIGH
 CVE-2024-48866
all versions
An improper handling of URL encoding (Hex Encoding) vulnerability has been reported to affect several QNAP operating system versio
5.3MEDIUM
 CVE-2024-48865
all versions
An improper certificate validation vulnerability has been reported to affect several QNAP operating system versions. If exploited,
7.5HIGH
 CVE-2024-48859
all versions
An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vul
9.1CRITICAL
 CVE-2024-50401
all versions
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If
7.2HIGH
 CVE-2024-50400
all versions
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If
7.2HIGH
 CVE-2024-50399
all versions
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If
7.2HIGH
 CVE-2024-50398
all versions
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If
7.2HIGH
 CVE-2024-50397
all versions
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If
8.8HIGH
 CVE-2024-50396
all versions
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If
8.8HIGH
 CVE-2024-37050
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
6.5MEDIUM
 CVE-2024-37049
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
6.5MEDIUM
 CVE-2024-37048
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vul
4.9MEDIUM
 CVE-2024-37047
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
6.5MEDIUM
 CVE-2024-37046
all versions
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability
4.9MEDIUM
 CVE-2024-37045
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vul
4.9MEDIUM
 CVE-2024-37044
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
7.2HIGH
 CVE-2024-37043
all versions
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability
4.9MEDIUM
 CVE-2024-37042
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vul
4.9MEDIUM
 CVE-2024-37041
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
7.2HIGH
 CVE-2024-38641
all versions
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
7.8HIGH
 CVE-2024-32771
all versions
An improper restriction of excessive authentication attempts vulnerability has been reported to affect several QNAP operating syst
2.6LOW
 CVE-2024-32763
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
8.8HIGH
 CVE-2024-21906
all versions
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
4.7MEDIUM
 CVE-2024-21904
all versions
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability
5.9MEDIUM
 CVE-2024-21903
all versions
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
6.6MEDIUM
 CVE-2024-21898
all versions
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
8.8HIGH
 CVE-2024-21897
all versions
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the v
8.9HIGH
 CVE-2023-51368
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vul
5.4MEDIUM
 CVE-2023-51367
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
5.4MEDIUM
 CVE-2023-51366
all versions
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability
8.7HIGH
 CVE-2023-50366
all versions
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the v
4.3MEDIUM
 CVE-2023-39298
all versions
A missing authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
7.8HIGH
 CVE-2023-34979
all versions
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
6.6MEDIUM
 CVE-2023-34974
all versions
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
8.8HIGH
 CVE-2024-32765
>= h5.1.0 and < h5.1.8.2823
A vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow local authentica
4.2MEDIUM
 CVE-2024-27130
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
7.2HIGH
 CVE-2024-27129
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
6.4MEDIUM
 CVE-2024-27128
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
6.4MEDIUM
 CVE-2024-27127
all versions
A double free vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability
7.2HIGH
 CVE-2024-21902
all versions
An incorrect permission assignment for critical resource vulnerability has been reported to affect several QNAP operating system v
6.4MEDIUM
 CVE-2024-32766
>= h4.5.0 and < h4.5.4.2626
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
10.0CRITICAL
 CVE-2024-27124
>= h4.5.0 and < h4.5.4.2626
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
7.5HIGH
 CVE-2024-21905
>= h5.0.0 and < h5.1.3.2578
An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If exploited,
6.5MEDIUM
 CVE-2023-51365
>= h4.5.0 and < h4.5.4.2626
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability
8.7HIGH
 CVE-2023-51364
>= h4.5.0 and < h4.5.4.2626
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability
8.7HIGH
 CVE-2023-50364
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
6.4MEDIUM
 CVE-2023-50363
all versions
An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vul
7.4HIGH
 CVE-2023-50362
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
5.0MEDIUM
 CVE-2023-50361
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
5.0MEDIUM
 CVE-2024-21900
< h5.1.3.2578
An injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability cou
4.3MEDIUM
 CVE-2024-21899
< h4.5.4.2626
An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vul
9.8CRITICAL
 CVE-2023-34980
>= h4.5.0 and < h4.5.4.2626
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
5.9MEDIUM
 CVE-2023-32969
>= h5.1.0 and < h5.1.4.2596
A cross-site scripting (XSS) vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability c
4.9MEDIUM
 CVE-2023-50358
>= h4.5.0 and < h4.5.4.2626
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
5.8MEDIUM
 CVE-2023-47218
>= h5.1.0 and < h5.1.5.2647
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
5.8MEDIUM
 CVE-2023-50359
all versions
An unchecked return value vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vuln
3.4LOW
 CVE-2023-47568
all versions
A SQL injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability
8.8HIGH
 CVE-2023-47567
all versions
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
4.7MEDIUM
 CVE-2023-47566
all versions
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
6.7MEDIUM
 CVE-2023-45037
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
3.8LOW
 CVE-2023-45036
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
3.8LOW
 CVE-2023-45035
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
3.8LOW
 CVE-2023-45028
all versions
An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploite
5.5MEDIUM
 CVE-2023-45027
all versions
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability
5.5MEDIUM
 CVE-2023-45026
all versions
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability
5.5MEDIUM
 CVE-2023-45025
all versions
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
9.0CRITICAL
 CVE-2023-41292
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
3.8LOW
 CVE-2023-41283
all versions
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
5.5MEDIUM
 CVE-2023-41282
all versions
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
5.5MEDIUM
 CVE-2023-41281
all versions
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
5.5MEDIUM
 CVE-2023-41280
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
5.5MEDIUM
 CVE-2023-41279
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
5.5MEDIUM
 CVE-2023-41278
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
5.5MEDIUM
 CVE-2023-41277
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
5.5MEDIUM
 CVE-2023-41276
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
5.5MEDIUM
 CVE-2023-41275
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
5.5MEDIUM
 CVE-2023-41274
all versions
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vul
5.5MEDIUM
 CVE-2023-41273
all versions
A heap-based buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the v
5.5MEDIUM
 CVE-2023-39303
all versions
An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vul
5.3MEDIUM
 CVE-2023-39302
all versions
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
6.6MEDIUM
 CVE-2023-39297
all versions
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
8.8HIGH
 CVE-2023-45044
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
3.8LOW
 CVE-2023-45043
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
3.8LOW
 CVE-2023-45042
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
3.8LOW
 CVE-2023-45041
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
3.8LOW
 CVE-2023-45040
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
3.8LOW
 CVE-2023-45039
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
3.8LOW
 CVE-2023-39296
all versions
A prototype pollution vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerab
7.5HIGH
 CVE-2023-39294
all versions
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
6.6MEDIUM
 CVE-2023-32975
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
4.9MEDIUM
 CVE-2023-32968
all versions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
4.5MEDIUM
 CVE-2023-23372
all versions
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the v
6.5MEDIUM
 CVE-2023-23367
all versions
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
4.7MEDIUM
 CVE-2023-39301
< h5.1.1.2488
A server-side request forgery (SSRF) vulnerability has been reported to affect several QNAP operating system versions. If exploite
4.3MEDIUM
 CVE-2023-23368
all versions
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulner
9.8CRITICAL
 CVE-2023-32974
>= h5.1.0 and < h5.1.0.2424
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability
7.5HIGH
 CVE-2023-32973
>= h4.5.0 and < h4.5.4.2476
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
3.8LOW
 CVE-2023-32970
>= h4.5.0 and < h4.5.4.2476
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vul
4.9MEDIUM
 CVE-2023-32972
>= h4.5.0 and < h4.5.4.2476
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
3.8LOW
 CVE-2023-32971
>= h4.5.0 and < h4.5.4.2476
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If
3.8LOW
 CVE-2023-23362
>= h4.5.4 and < h4.5.4.2374
An OS command injection vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability allows r
8.8HIGH
 CVE-2023-34973
>= h5.1.0 and < h5.1.0.2424
An insufficient entropy vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly
3.1LOW
 CVE-2023-34972
>= h5.1.0 and < h5.1.0.2424
A cleartext transmission of sensitive information vulnerability has been reported to affect QNAP operating systems. If exploited,
3.5LOW
 CVE-2023-34971
>= h4.5.4 and < h4.5.4.2476
An inadequate encryption strength vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerabilit
7.1HIGH
 CVE-2022-27598
< h5.0.1.2348
A vulnerability has been reported to affect QNAP operating systems. If exploited, the out-of-bounds read vulnerability allows remo
2.7LOW
 CVE-2022-27597
< h5.0.1.2348
A vulnerability has been reported to affect QNAP operating systems. If exploited, the out-of-bounds read vulnerability allows remo
2.7LOW
 CVE-2023-23355
< h5.0.1.2348
An OS command injection vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly
6.6MEDIUM
 CVE-2022-27596
>= h5.0.1 and < h5.0.1.2248
A vulnerability has been reported to affect QNAP device running QuTS hero, QTS. If exploited, this vulnerability allows remote att
9.8CRITICAL
 CVE-2021-44054
< h4.5.4.1771
An open redirect vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero and QTS. If exploited, this vu
4.3MEDIUM
 CVE-2021-44053
< h4.5.4.1771
A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QTS, QuTS hero and QuTScloud. If exploi
5.7MEDIUM
 CVE-2021-44052
< h4.5.4.1771
An improper link resolution before file access ('Link Following') vulnerability has been reported to affect QNAP device running Qu
6.5MEDIUM
 CVE-2021-44051
< h4.5.4.1771
A command injection vulnerability has been reported to affect QNAP NAS running QuTScloud, QuTS hero and QTS. If exploited, this vu
8.8HIGH
 CVE-2021-38693
>= h5.0.0.1772 and < h5.0.0.1949
A path traversal vulnerability has been reported to affect QNAP device running QuTScloud, QuTS hero, QTS, QVR Pro Appliance. If ex
5.3MEDIUM
 CVE-2021-38674
< h4.5.4.1771
A cross-site scripting (XSS) vulnerability has been reported to affect QTS, QuTS hero and QuTScloud. If exploited, this vulnerabil
4.2MEDIUM
 CVE-2021-34343
< h4.5.4.1771
A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. If exploited, thi
6.0MEDIUM
 CVE-2021-28816
< h4.5.4.1771
A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. If exploited, thi
7.6HIGH
 CVE-2018-19957
< h4.5.4.1771
A vulnerability involving insufficient HTTP security headers has been reported to affect QNAP NAS running QTS, QuTS hero, and QuTS
6.1MEDIUM
 CVE-2021-28804
<= h4.5.1.1582
A command injection vulnerabilities have been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attack
9.8CRITICAL
 CVE-2021-28802
< h4.5.1.1582
A command injection vulnerabilities have been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attack
9.8CRITICAL
 CVE-2020-36194
< h4.5.2.1638
An XSS vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attac
6.1MEDIUM
 CVE-2021-28806
< h4.5.2.1638
A DOM-based XSS vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability all
5.7MEDIUM
 CVE-2021-28798
< h4.5.2.1638
A relative path traversal vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnera
8.8HIGH
 CVE-2020-2509
< h4.5.1
A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers
9.8CRITICAL
 CVE-2018-19942
< h4.5.1
A cross-site scripting (XSS) vulnerability has been reported to affect earlier versions of File Station. If exploited, this vulner
6.1MEDIUM
 CVE-2020-2508
< h4.5.1.1472
A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers
7.2HIGH
 CVE-2018-19941
< h4.5.1.1472
A vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows an attacker to access sensitive info
7.5HIGH
 CVE-2020-25847
< h4.5.1.1491
This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have alread
8.8HIGH
 CVE-2020-2498
< h4.5.1.1472
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in certificate configu
6.1MEDIUM
 CVE-2020-2497
< 4.5.1.1472
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in System Connection L
6.1MEDIUM
 CVE-2020-2496
< 4.5.1.1472
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QANP
6.1MEDIUM
 CVE-2020-2495
< 4.5.1.1472
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QANP
6.1MEDIUM
 CVE-2019-7198
< h4.5.1.1472
This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have alread
9.8CRITICAL
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin