VYPR

Quts Hero

by Qnap

CVEs (220)

  • CVE-2020-2509CriKEVApr 17, 2021
    risk 0.78cvss 9.8epss 0.34

    A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 Build…

  • CVE-2023-23368CriNov 3, 2023
    risk 0.65cvss 9.8epss 0.19

    An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2376 build…

  • CVE-2022-27596CriJan 30, 2023
    risk 0.64cvss 9.8epss 0.03

    A vulnerability has been reported to affect QNAP device running QuTS hero, QTS. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QuTS hero, QTS: QuTS hero h5.0.1.2248 build…

  • CVE-2021-28804CriJul 1, 2021
    risk 0.64cvss 9.8epss 0.02

    A command injection vulnerabilities have been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. This issue affects: QNAP Systems Inc. QTS versions prior to 4.5.1.1540 build…

  • CVE-2021-28802CriJul 1, 2021
    risk 0.64cvss 9.8epss 0.02

    A command injection vulnerabilities have been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. This issue affects: QNAP Systems Inc. QTS versions prior to 4.5.1.1540 build…

  • CVE-2019-7198CriDec 10, 2020
    risk 0.64cvss 9.8epss 0.03

    This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build…

  • CVE-2023-45025CriFeb 2, 2024
    risk 0.59cvss 9.0epss 0.01

    An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build…

  • CVE-2023-47568HigFeb 2, 2024
    risk 0.57cvss 8.8epss 0.01

    A SQL injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QTS…

  • CVE-2023-39297HigFeb 2, 2024
    risk 0.57cvss 8.8epss 0.01

    An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS…

  • CVE-2023-23362HigSep 22, 2023
    risk 0.57cvss 8.8epss 0.01

    An OS command injection vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability allows remote authenticated users to execute commands via susceptible QNAP devices. We have already fixed the vulnerability in the following versions: QTS…

  • CVE-2021-44051HigMay 5, 2022
    risk 0.57cvss 8.8epss 0.02

    A command injection vulnerability has been reported to affect QNAP NAS running QuTScloud, QuTS hero and QTS. If exploited, this vulnerability allows remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QuTScloud, QuTS…

  • CVE-2021-28798HigMay 21, 2021
    risk 0.57cvss 8.8epss 0.01

    A relative path traversal vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. If exploited, this vulnerability allows attackers to modify files that impact system integrity. QNAP have already fixed this vulnerability in the following versions: QTS…

  • CVE-2020-25847HigDec 29, 2020
    risk 0.57cvss 8.8epss 0.03

    This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions of QTS and QuTS hero.

  • CVE-2023-39296HigJan 5, 2024
    risk 0.49cvss 7.5epss 0.02

    A prototype pollution vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to override existing attributes with ones that have incompatible type, which may lead to a crash via a network. We have…

  • CVE-2023-32974HigOct 13, 2023
    risk 0.49cvss 7.5epss 0.01

    A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the…

  • CVE-2021-28816HigSep 10, 2021
    risk 0.49cvss 7.6epss 0.01

    A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QTS, QuTScloud,…

  • CVE-2018-19941HigDec 31, 2020
    risk 0.49cvss 7.5epss 0.01

    A vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows an attacker to access sensitive information stored in cleartext inside cookies via certain widely-available tools. QNAP have already fixed this vulnerability in the following versions:…

  • CVE-2026-24719HigJun 10, 2026
    risk 0.47cvss 7.2epss 0.01

    A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the…

  • CVE-2026-24716HigJun 10, 2026
    risk 0.47cvss 7.2epss 0.00

    A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the…

  • CVE-2026-22893HigJun 10, 2026
    risk 0.47cvss 7.2epss 0.01

    A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the…

Page 1 of 11