Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

QNAP Systems Inc. — Vulnerabilities & Security Advisories 532

Browse all 532 CVE security advisories affecting QNAP Systems Inc.. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by QNAP Systems Inc.:QTSQsync CentralFile Station 5Photo StationQuRouterVideo StationQuTS heroQuMagieHelpdeskMusic StationQuLog CenterQVRNotes Station 3QuTScloudLicense CenterMedia Streaming add-onQVR EliteHBS 3 Hybrid Backup SyncQuNetSwitchQESMultimedia ConsoleDownload StationQuFirewallQVPN WindowsSurveillance StationProxy ServerQcalAgentMalware RemoverHBS 3QmailAgent
CVE IDTitleCVSSSeverityPublished
CVE-2021-28814 Improper Access Control Vulnerability in Helpdesk — HelpdeskCWE-269 8.8 High2021-06-11
CVE-2021-28805 Inclusion of Sensitive Information in QSS — QSSCWE-540 7.8 High2021-06-11
CVE-2021-28801 Out-of-Bounds Read Vulnerability in QSS — QSSCWE-125 3.1 Low2021-06-11
CVE-2021-28812 Command Injection Vulnerability in Video Station — Video StationCWE-1286 8.8 High2021-06-03
CVE-2021-28807 Post-Authentication Reflected XSS Vulnerability in Q'center — Q’centerCWE-79 7.7 High2021-06-03
CVE-2021-28806 DOM-Based XSS Vulnerability in QTS and QuTS hero — QTSCWE-79 5.7 Medium2021-06-03
CVE-2021-28798 Relative Path Traversal Vulnerability in QTS and QuTS hero — QTSCWE-284 8.8 High2021-05-21
CVE-2021-28799 Improper Authorization Vulnerability in HBS 3 (Hybrid Backup Sync) — HBS 3CWE-285 10.0 Critical2021-05-13
CVE-2020-36197 Improper Access Control Vulnerability in Music Station — Music StationCWE-284 7.1 High2021-05-13
CVE-2020-36198 Command Injection Vulnerability in Malware Remover — Malware RemoverCWE-77 6.7 Medium2021-05-13
CVE-2020-2509 Command Injection Vulnerability in QTS and QuTS hero — QTSCWE-77 9.8 -2021-04-17
CVE-2020-36195 SQL Injection Vulnerability in Multimedia Console and the Media Streaming Add-On — QTSCWE-20 9.8 Critical2021-04-17
CVE-2018-19942 Cross-site Scripting Vulnerability in File Station — QTSCWE-79 6.1 -2021-04-16
CVE-2021-28797 Stack Buffer Overflow in Surveillance Station — Surveillance StationCWE-121 9.8 Critical2021-04-14
CVE-2020-2501 Stack Buffer Overflow in Surveillance Station — Surveillance StationCWE-121 9.8 -2021-02-17
CVE-2020-2502 Cross-site Scripting Vulnerability in Photo Station — Photo StationCWE-79 6.1 -2021-02-17
CVE-2020-2506 improper access control vulnerability in Helpdesk — HelpdeskCWE-284 7.3 High2021-02-03
CVE-2020-2507 command injection vulnerability in Helpdesk — HelpdeskCWE-77 9.8 Critical2021-02-03
CVE-2020-2508 Command Injection Vulnerability in QTS and QuTS hero — QTSCWE-77 7.2 High2021-01-11
CVE-2018-19941 Cleartext Storage of Sensitive Information in Cookies — QTSCWE-315 7.5 -2020-12-31
CVE-2018-19944 Cleartext Transmission of Sensitive Information in SNMP — QTSCWE-311 7.5 -2020-12-31
CVE-2018-19945 Improper Limitation of a Pathname to a Restricted Directory in QTS — QTSCWE-20 7.5 -2020-12-31
CVE-2020-25847 Command Injection Vulnerability in QTS and QuTS hero — QTSCWE-77 8.8 High2020-12-29
CVE-2020-2505 Sensitive information via generation of error messages vulnerability in QES — QESCWE-209 2.3 Low2020-12-24
CVE-2020-2504 Absolute path traversal vulnerability in QES — QESCWE-22 5.8 Medium2020-12-24
CVE-2020-2503 Stored cross-site scripting vulnerability in QES — QESCWE-79 9.0 Critical2020-12-24
CVE-2020-2499 Hard-coded Password Vulnerability in QES — QESCWE-259 6.3 Medium2020-12-24
CVE-2020-2498 Cross-site scripting vulnerability in QTS and QuTS hero — QTSCWE-79 6.1 -2020-12-10
CVE-2020-2497 Cross-site scripting vulnerability in QTS and QuTS hero — QTSCWE-79 6.1 -2020-12-10
CVE-2020-2496 Cross-site scripting vulnerability in QTS and QuTS hero — QTSCWE-79 6.1 -2020-12-10

This page lists every published CVE security advisory associated with QNAP Systems Inc.. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.