Qnap Qvpn vulnerabilities
3 known vulnerabilities affecting qnap/qvpn.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2022-27595HIGHCVSS 7.8fixed in 2.0.0.13162024-12-19
CVE-2022-27595 [HIGH] CWE-427 CVE-2022-27595: An insecure library loading vulnerability has been reported to affect QVPN Device Client. If exploit
An insecure library loading vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local attackers who have gained user access to execute unauthorized code or commands.
We have already fixed the vulnerability in the following versions:
QVPN Windows 2.0.0.1316 and later
QVPN Windows 2.0.0.1310 and lat
nvd
CVE-2023-23370MEDIUMCVSS 4.4≥ 2.1.0, < 2.1.0.05182023-10-06
CVE-2023-23370 [MEDIUM] CWE-522 CVE-2023-23370: An insufficiently protected credentials vulnerability has been reported to affect QVPN Device Client
An insufficiently protected credentials vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to gain access to user accounts and access sensitive data used by the user account via unspecified vectors.
We have already fixed the vulnerability in the following vers
nvd
CVE-2023-23371MEDIUMCVSS 4.4≥ 2.2.0, < 2.2.0.08232023-10-06
CVE-2023-23371 [MEDIUM] CWE-311 CVE-2023-23371: A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN Dev
A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to read sensitive data via unspecified vectors.
We have already fixed the vulnerability in the following version:
QVPN Windows 2.2.0.0823 and later
nvd