Qnap Quts Hero
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Qnap Quts Hero.
By the Year
In 2025 there have been 0 vulnerabilities in Qnap Quts Hero. Last year, in 2024 Quts Hero had 60 security vulnerabilities published. Right now, Quts Hero is on track to have less security vulnerabilities in 2025 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 60 | 7.29 |
| 2023 | 19 | 6.72 |
| 2022 | 6 | 6.75 |
| 2021 | 10 | 7.66 |
| 2020 | 5 | 6.84 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Quts Hero vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Qnap Quts Hero Security Vulnerabilities
A missing authorization vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-39298
7.8 - High
- September 06, 2024
A missing authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local authenticated users to access data or perform actions that they should not be allowed to perform via unspecified vectors. QuTScloud, is not affected. We have already fixed the vulnerability in the following versions: QTS 5.2.0.2737 build 20240417 and later QuTS hero h5.2.0.2782 build 20240601 and later
AuthZ
An OS command injection vulnerability has been reported to affect several QNAP operating system versions
CVE-2024-21906
4.7 - Medium
- September 06, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.8.2823 build 20240712 and later QuTS hero h5.1.8.2823 build 20240712 and later
Shell injection
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions
CVE-2024-32763
8.8 - High
- September 06, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.8.2823 build 20240712 and later QuTS hero h5.1.8.2823 build 20240712 and later
Classic Buffer Overflow
An improper restriction of excessive authentication attempts vulnerability has been reported to affect several QNAP operating system versions
CVE-2024-32771
2.4 - Low
- September 06, 2024
An improper restriction of excessive authentication attempts vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local network authenticated administrators to perform an arbitrary number of authentication attempts via unspecified vectors. QuTScloud is not affected. We have already fixed the vulnerability in the following versions: QTS 5.2.0.2782 build 20240601 and later QuTS hero h5.2.0.2782 build 20240601 and later
Improper Restriction of Excessive Authentication Attempts
An OS command injection vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-34979
7.2 - High
- September 06, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 4.5.4.2790 build 20240605 and later QuTS hero h4.5.4.2790 build 20240606 and later
Shell injection
An OS command injection vulnerability has been reported to affect several QNAP operating system versions
CVE-2024-38641
7.8 - High
- September 06, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local network users to execute commands via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.1.8.2823 build 20240712 and later QuTS hero h5.1.8.2823 build 20240712 and later
Shell injection
An OS command injection vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-34974
8.8 - High
- September 06, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. QuTScloud, QVR, QES are not affected. We have already fixed the vulnerability in the following versions: QTS 4.5.4.2790 build 20240605 and later QuTS hero h4.5.4.2626 build 20231225 and later
Shell injection
A path traversal vulnerability has been reported to affect several QNAP operating system versions
CVE-2024-21904
6.5 - Medium
- September 06, 2024
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.7.2770 build 20240520 and later QuTS hero h5.1.7.2770 build 20240520 and later
Directory traversal
An OS command injection vulnerability has been reported to affect several QNAP operating system versions
CVE-2024-21903
4.7 - Medium
- September 06, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later
Shell injection
An OS command injection vulnerability has been reported to affect several QNAP operating system versions
CVE-2024-21898
8.8 - High
- September 06, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later
Shell injection
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions
CVE-2024-21897
5.4 - Medium
- September 06, 2024
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later
XSS
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-51368
6.5 - Medium
- September 06, 2024
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to launch a denial-of-service (DoS) attack via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later
NULL Pointer Dereference
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-51367
8.8 - High
- September 06, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later
Classic Buffer Overflow
A path traversal vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-51366
6.5 - Medium
- September 06, 2024
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later
Directory traversal
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-50366
4.8 - Medium
- September 06, 2024
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later
XSS
A double free vulnerability has been reported to affect several QNAP operating system versions
CVE-2024-27127
8.8 - High
- May 21, 2024
A double free vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute arbitrary code via a network. We have already fixed the vulnerability in the following version: QTS 5.1.7.2770 build 20240520 and later QuTS hero h5.1.7.2770 build 20240520 and later
Double-free
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions
CVE-2024-27130
8.8 - High
- May 21, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network. We have already fixed the vulnerability in the following version: QTS 5.1.7.2770 build 20240520 and later QuTS hero h5.1.7.2770 build 20240520 and later
Classic Buffer Overflow
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions
CVE-2024-27129
8.8 - High
- May 21, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following version: QTS 5.1.7.2770 build 20240520 and later QuTS hero h5.1.7.2770 build 20240520 and later
Classic Buffer Overflow
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions
CVE-2024-27128
8.8 - High
- May 21, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following version: QTS 5.1.7.2770 build 20240520 and later QuTS hero h5.1.7.2770 build 20240520 and later
Classic Buffer Overflow
An incorrect permission assignment for critical resource vulnerability has been reported to affect several QNAP operating system versions
CVE-2024-21902
8.1 - High
- May 21, 2024
An incorrect permission assignment for critical resource vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the following version: QTS 5.1.7.2770 build 20240520 and later QuTS hero h5.1.7.2770 build 20240520 and later
Information Disclosure
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-50364
8.8 - High
- April 26, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later
Classic Buffer Overflow
An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-50363
8.1 - High
- April 26, 2024
An incorrect authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to bypass intended access restrictions via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later
AuthZ
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-50362
8.8 - High
- April 26, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later
Classic Buffer Overflow
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-50361
8.8 - High
- April 26, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later
Classic Buffer Overflow
An improper authentication vulnerability has been reported to affect several QNAP operating system versions
CVE-2024-21899
9.8 - Critical
- March 08, 2024
An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later
authentification
An injection vulnerability has been reported to affect several QNAP operating system versions
CVE-2024-21900
6.5 - Medium
- March 08, 2024
An injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later
Injection
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-41277
7.2 - High
- February 02, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later
Classic Buffer Overflow
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-45036
7.2 - High
- February 02, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later
Classic Buffer Overflow
An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-45028
4.9 - Medium
- February 02, 2024
An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTScloud c5.1.5.2651 and later
Allocation of Resources Without Limits or Throttling
A path traversal vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-45027
4.9 - Medium
- February 02, 2024
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTScloud c5.1.5.2651 and later
Directory traversal
A path traversal vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-45026
4.9 - Medium
- February 02, 2024
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTScloud c5.1.5.2651 and later
Directory traversal
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-41292
7.2 - High
- February 02, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTScloud c5.1.5.2651 and later
Classic Buffer Overflow
An OS command injection vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-41283
7.2 - High
- February 02, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTScloud c5.1.5.2651 and later
Shell injection
An OS command injection vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-41282
7.2 - High
- February 02, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTScloud c5.1.5.2651 and later
Shell injection
An OS command injection vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-41281
7.2 - High
- February 02, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTScloud c5.1.5.2651 and later
Shell injection
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-41280
7.2 - High
- February 02, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later
Classic Buffer Overflow
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-41279
7.2 - High
- February 02, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later
Classic Buffer Overflow
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-41278
7.2 - High
- February 02, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later
Classic Buffer Overflow
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-45037
7.2 - High
- February 02, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later
Classic Buffer Overflow
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-41276
7.2 - High
- February 02, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later
Classic Buffer Overflow
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-41275
7.2 - High
- February 02, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later
Classic Buffer Overflow
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-41274
4.9 - Medium
- February 02, 2024
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later
NULL Pointer Dereference
A heap-based buffer overflow vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-41273
7.2 - High
- February 02, 2024
A heap-based buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later
Memory Corruption
An improper authentication vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-39303
9.8 - Critical
- February 02, 2024
An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later
authentification
An OS command injection vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-39302
7.2 - High
- February 02, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.3.2578 build 20231110 and later QuTS hero h5.1.3.2578 build 20231110 and later QuTScloud c5.1.5.2651 and later
Shell injection
A SQL injection vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-47568
8.8 - High
- February 02, 2024
A SQL injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later
SQL Injection
An OS command injection vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-47567
7.2 - High
- February 02, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later
Shell injection
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-45035
7.2 - High
- February 02, 2024
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTScloud c5.1.5.2651 and later
Classic Buffer Overflow
An OS command injection vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-45025
9.8 - Critical
- February 02, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later
Shell injection
An OS command injection vulnerability has been reported to affect several QNAP operating system versions
CVE-2023-39297
8.8 - High
- February 02, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later
Shell injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Qnap Qutscloud or by Qnap? Click the Watch button to subscribe.
