Qnap Qcalagent vulnerabilities
3 known vulnerabilities affecting qnap/qcalagent.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2023-41289HIGHCVSS 8.8≥ 1.1.0, < 1.1.82024-01-05
CVE-2023-41289 [MEDIUM] CWE-78 CVE-2023-41289: An OS command injection vulnerability has been reported to affect QcalAgent. If exploited, the vulne
An OS command injection vulnerability has been reported to affect QcalAgent. If exploited, the vulnerability could allow authenticated users to execute commands via a network.
We have already fixed the vulnerability in the following version:
QcalAgent 1.1.8 and later
nvd
CVE-2021-38677MEDIUMCVSS 6.1fixed in 1.1.72022-01-14
CVE-2021-38677 [MEDIUM] CWE-79 CVE-2021-38677: A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QcalAgent
A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QcalAgent: QcalAgent 1.1.7 and later
nvd
CVE-2021-38678MEDIUMCVSS 6.1fixed in 1.1.72022-01-14
CVE-2021-38678 [MEDIUM] CWE-601 CVE-2021-38678: An open redirect vulnerability has been reported to affect QNAP device running QcalAgent. If exploit
An open redirect vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows attackers to redirect users to an untrusted page that contains malware. We have already fixed this vulnerability in the following versions of QcalAgent: QcalAgent 1.1.7 and later
nvd