Page 41 of 276 results (0.004 seconds)

CVSS: 9.8EPSS: 0%CPEs: 25EXPL: 0

CVE-2018-0730

https://notcve.org/view.php?id=CVE-2018-0730

This command injection vulnerability in File Station allows attackers to execute commands on the affected device. To fix the vulnerability, QNAP recommend updating QTS to their latest versions. Esta vulnerabilidad de inyección de comandos en File Station permite a atacantes ejecutar comandos sobre el dispositivo afectado. Para corregir la vulnerabilidad, QNAP recomienda actualizar QTS a sus últimas versiones. • https://www.qnap.com/zh-tw/security-advisory/nas-201911-20 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 9.8EPSS: 0%CPEs: 10EXPL: 0

CVE-2018-0729

https://notcve.org/view.php?id=CVE-2018-0729

This command injection vulnerability in Music Station allows attackers to execute commands on the affected device. To fix the vulnerability, QNAP recommend updating Music Station to their latest versions. Esta vulnerabilidad de inyección de comandos en Music Station permite a atacantes ejecutar comandos sobre el dispositivo afectado. Para corregir la vulnerabilidad, QNAP recomienda actualizar Music Station a sus últimas versiones. • https://www.qnap.com/zh-tw/security-advisory/nas-201911-20 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2018-0728

https://notcve.org/view.php?id=CVE-2018-0728

This improper access control vulnerability in Helpdesk allows attackers to access the system logs. To fix the vulnerability, QNAP recommend updating QTS and Helpdesk to their latest versions. Esta vulnerabilidad de control de acceso inapropiado en Helpdesk permite a atacantes acceder a los registros del sistema. Para corregir la vulnerabilidad, QNAP recomienda actualizar QTS y Helpdesk a sus últimas versiones. • https://www.qnap.com/zh-tw/security-advisory/nas-201911-20 • CWE-269: Improper Privilege Management •

CVSS: 7.5EPSS: 27%CPEs: 1EXPL: 1

CVE-2019-7181 – QNAP myQNAPcloud Connect 1.3.4.0317 - 'Username/Password' Denial of Service

https://notcve.org/view.php?id=CVE-2019-7181

Buffer Overflow vulnerability in myQNAPcloud Connect 1.3.3.0925 and earlier could allow remote attackers to crash the program. Una vulnerabilidad de desbordamiento de búfer en myQNAPcloud Connect versión 1.3.3.0925 y anteriores, podría permitir que los atacantes remotos bloqueen el programa. QNAP myQNAPcloud Connect version 1.3.4.0317 suffers from a username / password denial of service vulnerability. • https://www.exploit-db.com/exploits/46733 http://packetstormsecurity.com/files/152570/QNAP-myQNAPcloud-Connect-1.3.4.0317-Username-Password-Denial-Of-Service.html https://www.qnap.com/zh-tw/security-advisory/nas-201905-09 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0

CVE-2018-0722

https://notcve.org/view.php?id=CVE-2018-0722

Path Traversal vulnerability in Photo Station versions: 5.7.2 and earlier in QTS 4.3.4, 5.4.4 and earlier in QTS 4.3.3, 5.2.8 and earlier in QTS 4.2.6 could allow remote attackers to access sensitive information on the device. Existe una vulnerabilidad de salto de directorio en las siguientes versiones de Photo Station que podría permitir a los atacantes remotos acceder a información sensible en el dispositivo: 5.72 y anteriores en QTS 4.3.4, 5.44 y anteriores en QTS 4.3.3 y 5.28 y anteriores en QTS 4.2.6. • https://www.qnap.com/zh-tw/security-advisory/nas-201901-14 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •