Qnap Qes vulnerabilities
4 known vulnerabilities affecting qnap/qes.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1LOW1
Vulnerabilities
Page 1 of 1
CVE-2020-2504HIGHCVSS 7.5fixed in 2.1.1v2.1.12020-12-24
CVE-2020-2504 [MEDIUM] CWE-20 CVE-2020-2504: If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in
If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.
nvd
CVE-2020-2499HIGHCVSS 7.2fixed in 2.1.1v2.1.12020-12-24
CVE-2020-2499 [MEDIUM] CWE-259 CVE-2020-2499: A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploite
A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later.
nvd
CVE-2020-2503MEDIUMCVSS 5.4fixed in 2.1.1v2.1.12020-12-24
CVE-2020-2503 [CRITICAL] CWE-79 CVE-2020-2503: If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject
If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.
nvd
CVE-2020-2505LOWCVSS 2.3fixed in 2.1.1v2.1.12020-12-24
CVE-2020-2505 [LOW] CWE-209 CVE-2020-2505: If exploited, this vulnerability could allow attackers to gain sensitive information via generation
If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.
nvd