CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-32764 – myQNAPcloud Link
https://notcve.org/view.php?id=CVE-2024-32764
26 Apr 2024 — A missing authentication for critical function vulnerability has been reported to affect myQNAPcloud Link. If exploited, the vulnerability could allow users with the privilege level of some functionality via a network. We have already fixed the vulnerability in the following version: myQNAPcloud Link 2.4.51 and later Se ha informado que falta una autenticación para una vulnerabilidad de función crítica que afecta a myQNAPcloud Link. Si se explota, la vulnerabilidad podría permitir a los usuarios con el nive... • https://www.qnap.com/en/security-advisory/qsa-24-09 • CWE-306: Missing Authentication for Critical Function CWE-346: Origin Validation Error CWE-749: Exposed Dangerous Method or Function •
CVSS: 6.0EPSS: 0%CPEs: 4EXPL: 0CVE-2021-28815 – Insecure Storage of Sensitive Information in myQNAPcloud Link
https://notcve.org/view.php?id=CVE-2021-28815
16 Jun 2021 — Insecure storage of sensitive information has been reported to affect QNAP NAS running myQNAPcloud Link. If exploited, this vulnerability allows remote attackers to read sensitive information by accessing the unrestricted storage mechanism. This issue affects: QNAP Systems Inc. myQNAPcloud Link versions prior to 2.2.21 on QTS 4.5.3; versions prior to 2.2.21 on QuTS hero h4.5.2; versions prior to 2.2.21 on QuTScloud c4.5.4. Se ha reportado de que el almacenamiento no seguro de información confidencial afecta... • https://www.qnap.com/zh-tw/security-advisory/qsa-21-26 • CWE-922: Insecure Storage of Sensitive Information •