Firmware & Software

XSS and Open Redirect Vulnerabilities in QcalAgent

12. Januar 2022
A cross-site scripting (XSS) vulnerability and an open redirect vulnerability have been reported to affect QNAP NAS running QcalAg ... More
Stack Overflow Vulnerability in QVR Elite, QVR Pro, and QVR Guard

12. Januar 2022
A stack buffer overflow vulnerability has been reported to affect QNAP NAS running QVR Elite, QVR Pro, and QVR Guard. If exploited ... More
Vulnerability in QTS and QuTS hero

12. Januar 2022
A vulnerability has been reported to affect QTS 4.5.3 and later versions, and QuTS hero h4.5.3 and later versions. If exploited, t ... More
Reflected XSS Vulnerability in TFTP Server

6. Januar 2022
A reflected cross-site scripting (XSS) vulnerability has been reported to affect TFTP Server in QTS, QuTS hero, and QuTScloud. If ... More
Vulnerability in QVPN Service

6. Januar 2022
A vulnerability has been reported to affect QNAP NAS running QVPN Service 3.x. If exploited, the vulnerability allows attackers to ... More
Multiple Vulnerabilities in Apache Log4j Library

30. Dezember 2021
Several vulnerabilities have been reported to affect the Apache Log4j Java logging library. If exploited, these vulnerabilities al ... More
Vulnerabilities in Apache HTTP Server

29. Dezember 2021
The Apache Software Foundation has reported two vulnerabilities affecting Apache HTTP Server. If exploited, one of the vulnerabili ... More
Exposure of Sensitive Information in QTS, QuTS hero, and QuTScloud

29. Dezember 2021
A vulnerability involving exposure of sensitive information has been reported to affect QNAP NAS running QTS, QuTS hero, and QuTSc ... More
Vulnerability in Apache Log4j Library

14. Dezember 2021
A vulnerability has been reported to affect the Apache Log4j Java logging library. If exploited, this vulnerability allows attacke ... More
Improper Authentication Vulnerability in Qfile

9. Dezember 2021
An improper authentication vulnerability has been reported to affect Android devices running Qfile. If exploited, this vulnerabili ... More
Reflected XSS Vulnerability in Kazoo Server

9. Dezember 2021
A reflected cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Kazoo Server. If exploited, this ... More
Stack Buffer Overflow Vulnerability in Surveillance Station

9. Dezember 2021
A stack buffer overflow vulnerability has been reported to affect QNAP NAS running Surveillance Station. If exploited, this vulner ... More
Bitcoin Miner [oom_reaper]

7. Dezember 2021

+1
A bitcoin miner has been reported to target QNAP NAS. Once a NAS is infected, CPU usage becomes unusually high where a process nam ... More
Improper Authentication Vulnerability in QVR

26. November 2021
An improper authentication vulnerability has been reported to affect QNAP VS Series NVR running QVR. If exploited, this vulnerabil ... More
Heap-Based Buffer Overflow Vulnerability in QTS and QuTS hero

18. November 2021
A heap-based buffer overflow vulnerability has been reported to affect QNAP NAS devices that have Apple File Protocol (AFP) enable ... More
CSRF Vulnerability in QmailAgent

18. November 2021
A cross-site request forgery (CSRF) vulnerability has been reported to affect QNAP NAS running QmailAgent. If exploited, this vuln ... More
Reflected XSS Vulnerability in Ragic Cloud DB

18. November 2021
A reflected cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Ragic Cloud DB. If exploited, th ... More
Reflected XSS Vulnerability in QmailAgent

11. November 2021
A reflected cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running QmailAgent. If exploited, this v ... More
Stack Buffer Overflow Vulnerability in Multimedia Console

11. November 2021
A stack buffer overflow vulnerability has been reported to affect QNAP NAS running Multimedia Console. If exploited, this vulnerab ... More
Command Injection Vulnerability in the Media Streaming Add-On

21. Oktober 2021
A command injection vulnerability has been reported to affect QNAP NAS running the Media Streaming add-on. If exploited, this vuln ... More

XSS and Open Redirect Vulnerabilities in QcalAgent

Stack Overflow Vulnerability in QVR Elite, QVR Pro, and QVR Guard

Vulnerability in QTS and QuTS hero

Reflected XSS Vulnerability in TFTP Server

Vulnerability in QVPN Service

Multiple Vulnerabilities in Apache Log4j Library

Vulnerabilities in Apache HTTP Server

Exposure of Sensitive Information in QTS, QuTS hero, and QuTScloud

Vulnerability in Apache Log4j Library

Improper Authentication Vulnerability in Qfile

Reflected XSS Vulnerability in Kazoo Server

Stack Buffer Overflow Vulnerability in Surveillance Station

Bitcoin Miner [oom_reaper]

Improper Authentication Vulnerability in QVR

Heap-Based Buffer Overflow Vulnerability in QTS and QuTS hero

CSRF Vulnerability in QmailAgent

Reflected XSS Vulnerability in Ragic Cloud DB

Reflected XSS Vulnerability in QmailAgent

Stack Buffer Overflow Vulnerability in Multimedia Console

Command Injection Vulnerability in the Media Streaming Add-On