Buffer Overflow vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could have unspecified impact on the NAS.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

A cleartext transmission of sensitive information vulnerability has been reported to affect certain QTS devices. If exploited, this vulnerability allows a remote attacker to gain access to sensitive information. QNAP have already fixed this vulnerability in the following versions: QTS 4.4.3.1354 build 20200702 (and later)

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

A heap-based buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.1.2.2534 build 20230927 and later QuTScloud c5.1.5.2651 and later

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QANP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build 20201015 and later QTS 4.4.3.1354 build 20200702 and later QTS 4.3.6.1333 build 20200608 and later QTS 4.3.4.1368 build 20200703 and later QTS 4.3.3.1315 build 20200611 and later QTS 4.2.6 build 20200611 and later

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h4.5.4.2476 build 20230728 and later QuTScloud c5.1.0.2498 and later

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QTS, QuTScloud, QuTS hero: QTS 4.5.4.1715 build 20210630 and later QTS 5.0.0.1716 build 20210701 and later QuTScloud c4.5.6.1755 and later QuTS hero h4.5.4.1771 build 20210825 and later

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

An improper restriction of excessive authentication attempts vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local network authenticated administrators to perform an arbitrary number of authentication attempts via unspecified vectors. QuTScloud is not affected. We have already fixed the vulnerability in the following versions: QTS 5.2.0.2782 build 20240601 and later QuTS hero h5.2.0.2782 build 20240601 and later

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

A cleartext transmission of sensitive information vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows local network clients to read the contents of unexpected sensitive data via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QuTS hero h5.1.0.2424 build 20230609 and later

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTScloud c5.1.5.2651 and later

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

ID	名称	产品	系列	发布时间	最近更新时间	严重程度
502588	Qnap QTS Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2018-14749)	Tenable OT Security	Tenable.ot	2024/10/16	2024/10/17	critical
502603	Qnap QTS Cleartext Transmission of Sensitive Information (CVE-2018-19944)	Tenable OT Security	Tenable.ot	2024/10/16	2024/10/17	high
502496	Qnap QTS Out-of-bounds Write (CVE-2023-41273)	Tenable OT Security	Tenable.ot	2024/10/16	2024/10/17	high
502569	Qnap QTS Stack-based Buffer Overflow (CVE-2023-41279)	Tenable OT Security	Tenable.ot	2024/10/16	2024/10/17	high
502605	Qnap QuTS hero Cross-site Scripting (CVE-2020-2495)	Tenable OT Security	Tenable.ot	2024/10/16	2024/10/17	medium
502580	Qnap QTS Out-of-bounds Write (CVE-2023-32971)	Tenable OT Security	Tenable.ot	2024/10/16	2024/10/17	high
502608	Qnap QTS Out-of-bounds Write (CVE-2021-34343)	Tenable OT Security	Tenable.ot	2024/10/16	2024/10/17	high
502612	Qnap QTS Improper Restriction of Excessive Authentication Attempts (CVE-2024-32771)	Tenable OT Security	Tenable.ot	2024/10/16	2024/10/17	low
502566	Qnap QTS Cleartext Transmission of Sensitive Information (CVE-2023-34972)	Tenable OT Security	Tenable.ot	2024/10/16	2024/10/17	medium
502516	Qnap QTS Allocation of Resources Without Limits or Throttling (CVE-2023-45028)	Tenable OT Security	Tenable.ot	2024/10/16	2024/10/17	medium

检测

插件搜索

critical

high

high

high

medium

high

high

low

medium

medium