The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 create an undocumented recovery key and store it in the ENCK variable in flash memory, which allows local users to bypass the passphrase requirement and decrypt the hard drive by reading this variable, deobfuscating the key, and running a cryptsetup luksOpen command.
Max CVSS
5.9
EPSS Score
0.04%
Published
2009-09-21
Updated
2018-10-10
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 create a LUKS partition by using the AES-256 cipher in plain CBC mode, which allows local users to obtain sensitive information via a watermark attack.
Max CVSS
4.9
EPSS Score
0.04%
Published
2009-09-21
Updated
2018-10-10
QNAP VioStor NVR devices with firmware 4.0.3, and the Surveillance Station Pro component in QNAP NAS, have a hardcoded guest account, which allows remote attackers to obtain web-server login access via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.26%
Published
2013-06-07
Updated
2013-06-10
cgi-bin/pingping.cgi on QNAP VioStor NVR devices with firmware 4.0.3, and in the Surveillance Station Pro component in QNAP NAS, allows remote authenticated users to execute arbitrary commands by leveraging guest access and placing shell metacharacters in the query string.
Max CVSS
6.5
EPSS Score
2.90%
Published
2013-06-07
Updated
2013-06-10
Cross-site request forgery (CSRF) vulnerability in cgi-bin/create_user.cgi on QNAP VioStor NVR devices with firmware 4.0.3 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts via a NEW USER action.
Max CVSS
6.8
EPSS Score
0.07%
Published
2013-06-07
Updated
2013-06-10
QNAP Photo Station before firmware 4.0.3 build0912 allows remote attackers to list OS user accounts via a request to photo/p/api/list.php.
Max CVSS
5.0
EPSS Score
0.47%
Published
2014-06-09
Updated
2017-08-29
QNAP F_VioCard 2312 and F_VioGate 2308 have hardcoded entries in authorized_keys files. NOTE: 1. All active models are not affected. The last affected model was EOL since 2010. 2. The legacy authorization mechanism is no longer adopted in all active models
Max CVSS
9.8
EPSS Score
0.35%
Published
2021-08-09
Updated
2024-03-21
QNAP VioCard 300 has hardcoded RSA private keys.
Max CVSS
7.5
EPSS Score
0.33%
Published
2020-02-13
Updated
2020-02-28
Absolute path traversal vulnerability in cgi-bin/jc.cgi in QNAP QTS before 4.1.0 allows remote attackers to read arbitrary files via a full pathname in the f parameter.
Max CVSS
7.8
EPSS Score
0.33%
Published
2014-01-09
Updated
2016-12-31
QNAP TS-469U with firmware 4.0.7 Build 20140410, TS-459U, TS-EC1679U-RP, and SS-839 use world-readable permissions for /etc/config/shadow, which allows local users to obtain usernames and hashed passwords by reading the password.
Max CVSS
2.1
EPSS Score
0.04%
Published
2014-08-25
Updated
2014-08-26
Cross-site scripting (XSS) vulnerability in File Station in QNAP QTS before 4.2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
6.1
EPSS Score
0.30%
Published
2016-07-03
Updated
2017-09-01
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.
Max CVSS
9.3
EPSS Score
0.66%
Published
2015-10-16
Updated
2016-12-08
Unrestricted file upload vulnerability in QNAP Signage Station before 2.0.1 allows remote authenticated users to execute arbitrary code by uploading an executable file, and then accessing this file via an unspecified URL.
Max CVSS
9.0
EPSS Score
0.21%
Published
2016-02-27
Updated
2016-03-08
QNAP Signage Station before 2.0.1 allows remote attackers to bypass authentication, and consequently upload files, via a spoofed HTTP request.
Max CVSS
7.5
EPSS Score
0.15%
Published
2016-02-27
Updated
2016-03-02
The FTP service in QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage Station before 2.0.1, has hardcoded credentials, which makes it easier for remote attackers to obtain access via a session on TCP port 21.
Max CVSS
9.8
EPSS Score
0.42%
Published
2016-02-27
Updated
2016-03-11
QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage Station before 2.0.1, allows remote authenticated users to gain privileges by registering an executable file, and then waiting for this file to be run in a privileged context after a reboot.
Max CVSS
8.5
EPSS Score
0.17%
Published
2016-02-27
Updated
2016-03-11
QNAP QTS before 4.2.4 Build 20170313 allows local users to obtain sensitive Domain Administrator password information by reading data in an XOR format within the /etc/config/uLinux.conf configuration file.
Max CVSS
7.5
EPSS Score
1.24%
Published
2017-03-23
Updated
2017-08-16
QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and execute arbitrary commands via unspecified vectors.
Max CVSS
10.0
EPSS Score
76.51%
Published
2017-03-23
Updated
2019-10-03
QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and obtain sensitive information via unspecified vectors.
Max CVSS
10.0
EPSS Score
94.14%
Published
2017-03-23
Updated
2019-10-03
QNAP QTS before 4.2.4 Build 20170313 allows attackers to execute arbitrary commands via unspecified vectors.
Max CVSS
10.0
EPSS Score
95.91%
Published
2017-03-23
Updated
2019-10-03
QNAP QTS before 4.2.6 build 20170517 has a flaw in the change password function.
Max CVSS
7.5
EPSS Score
0.09%
Published
2017-06-15
Updated
2017-06-22
QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier allows remote attackers to obtain potentially sensitive information (firmware version and running services) via a request to sysinfoReq.cgi.
Max CVSS
5.3
EPSS Score
0.16%
Published
2018-03-27
Updated
2018-04-18
Cross-site scripting (XSS) vulnerability in the share link function of File Station of QNAP 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier allows remote attackers to inject arbitrary web script or HTML.
Max CVSS
6.1
EPSS Score
0.12%
Published
2018-03-27
Updated
2018-04-18
Cross-site scripting (XSS) vulnerability in File Station of QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier allows remote attackers to inject arbitrary web script or HTML.
Max CVSS
6.1
EPSS Score
0.12%
Published
2018-03-27
Updated
2018-04-18
QNAP Qfinder Pro 6.1.0.0317 and earlier may expose sensitive information contained in NAS devices. If exploited, this may allow attackers to further compromise the device.
Max CVSS
7.5
EPSS Score
0.16%
Published
2018-03-05
Updated
2018-03-29
276 vulnerabilities found
1 2 3 4 5 6 7 8 9 10 11 12
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!