cbcvebase.

Qnap Systems Inc Qts vulnerabilities

249 known vulnerabilities affecting qnap_systems_inc/qts.

Total CVEs
249
CISA KEV
4
actively exploited
Public exploits
3
Exploited in wild
10
Severity breakdown
CRITICAL22HIGH111MEDIUM113LOW3

Vulnerabilities

Page 11 of 13
CVE-2024-53696P4MEDIUMCVSS 4.9≥ 4.5.x, < 4.5.4.2957 build 202411192025-03-07
CVE-2024-53696 [MEDIUM] CWE-918 CVE-2024-53696: A server-side request forgery (SSRF) vulnerability has been reported to affect QuLog Center. If expl A server-side request forgery (SSRF) vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow remote attackers who have gained administrator access to read application data. We have already fixed the vulnerability in the following versions: QuLog Center 1.7.0.829 ( 2024/10/01 ) and later QuLog Center 1.8.0
nvd
CVE-2020-2495P4MEDIUMCVSS 6.1fixed in 4.5.1.1456fixed in 4.4.3.1354+4 more2020-12-10
CVE-2020-2495 [MEDIUM] CWE-79 CVE-2020-2495: If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicio If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QANP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build 20201015 and later QTS 4.4.3.1354 build 20200702 and later QTS 4.3.
nvd
CVE-2020-2496P4MEDIUMCVSS 6.1fixed in 4.5.1.1456fixed in 4.4.3.1354+4 more2020-12-10
CVE-2020-2496 [MEDIUM] CWE-79 CVE-2020-2496: If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicio If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QANP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build 20201015 and later QTS 4.4.3.1354 build 20200702 and later QTS 4.3.
nvd
CVE-2020-2497P4MEDIUMCVSS 6.1fixed in 4.5.1.1456fixed in 4.4.3.1354+4 more2020-12-10
CVE-2020-2497 [MEDIUM] CWE-79 CVE-2020-2497: If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicio If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in System Connection Logs. QANP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build 20201015 and later QTS 4.4.3.1354 build 20200702 and late
nvd
CVE-2020-2498P4MEDIUMCVSS 6.1fixed in 4.5.1.1456fixed in 4.4.3.1354+4 more2020-12-10
CVE-2020-2498 [MEDIUM] CWE-79 CVE-2020-2498: If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicio If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in certificate configuration. QANP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build 20201015 and later QTS 4.4.3.1354 build 20200702 and l
nvd
CVE-2025-47213P4MEDIUMCVSS 4.9≥ 5.2.x, < 5.2.6.3195 build 202507152025-10-03
CVE-2025-47213 [MEDIUM] CWE-476 CVE-2025-47213: A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system v A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and lat
nvd
CVE-2025-48726P4MEDIUMCVSS 4.9≥ 5.2.x, < 5.2.6.3195 build 202507152025-10-03
CVE-2025-48726 [MEDIUM] CWE-476 CVE-2025-48726: A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system v A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and lat
nvd
CVE-2025-48728P4MEDIUMCVSS 4.9≥ 5.2.x, < 5.2.6.3195 build 202507152025-10-03
CVE-2025-48728 [MEDIUM] CWE-476 CVE-2025-48728: A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system v A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and lat
nvd
CVE-2025-48729P4MEDIUMCVSS 4.9≥ 5.2.x, < 5.2.6.3195 build 202507152025-10-03
CVE-2025-48729 [MEDIUM] CWE-476 CVE-2025-48729: A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system v A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and lat
nvd
CVE-2025-52427P4MEDIUMCVSS 4.9≥ 5.2.x, < 5.2.6.3195 build 202507152025-10-03
CVE-2025-52427 [MEDIUM] CWE-476 CVE-2025-52427: A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system v A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and lat
nvd
CVE-2025-47214P4MEDIUMCVSS 4.9≥ 5.2.x, < 5.2.6.3195 build 202507152025-10-03
CVE-2025-47214 [MEDIUM] CWE-476 CVE-2025-47214: A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system v A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and lat
nvd
CVE-2025-48727P4MEDIUMCVSS 4.9≥ 5.2.x, < 5.2.6.3195 build 202507152025-10-03
CVE-2025-48727 [MEDIUM] CWE-476 CVE-2025-48727: A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system v A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and lat
nvd
CVE-2025-52424P4MEDIUMCVSS 4.9≥ 5.2.x, < 5.2.6.3195 build 202507152025-10-03
CVE-2025-52424 [MEDIUM] CWE-476 CVE-2025-52424: A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system v A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.6.3195 build 20250715 and lat
nvd
CVE-2025-47205P4MEDIUMCVSS 4.9≥ 5.2.x, < 5.2.8.3332 build 202511282026-02-11
CVE-2025-47205 [MEDIUM] CWE-476 CVE-2025-47205: A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system v A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.8.3332 build 20251128 and lat
nvd
CVE-2025-66274P4MEDIUMCVSS 4.9≥ 5.2.0, < 5.2.9.3410 build 202602142026-02-11
CVE-2025-66274 [MEDIUM] CWE-476 CVE-2025-66274: A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system v A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.9.3410 build 20260214 and lat
nvd
CVE-2025-52426P4MEDIUMCVSS 4.9≥ 5.2.x, < 5.2.7.3256 build 202509132026-01-02
CVE-2025-52426 [MEDIUM] CWE-476 CVE-2025-52426: A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system v A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and lat
nvd
CVE-2025-53414P4MEDIUMCVSS 4.9≥ 5.2.x, < 5.2.7.3256 build 202509132026-01-02
CVE-2025-53414 [MEDIUM] CWE-476 CVE-2025-53414: A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system v A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and lat
nvd
CVE-2025-53596P4MEDIUMCVSS 4.9≥ 5.2.x, < 5.2.7.3256 build 202509132026-01-02
CVE-2025-53596 [MEDIUM] CWE-476 CVE-2025-53596: A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system v A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and lat
nvd
CVE-2025-53589P4MEDIUMCVSS 4.9≥ 5.2.x, < 5.2.7.3256 build 202509132026-01-02
CVE-2025-53589 [MEDIUM] CWE-476 CVE-2025-53589: A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system v A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and lat
nvd
CVE-2025-53405P4MEDIUMCVSS 4.9≥ 5.2.x, < 5.2.7.3256 build 202509132026-01-02
CVE-2025-53405 [MEDIUM] CWE-476 CVE-2025-53405: A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system v A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3256 build 20250913 and lat
nvd
Qnap Systems Inc Qts vulnerabilities | cvebase