📦 Quts Hero
by Qnap
🔍 What is Quts Hero?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This CVE describes a link following vulnerability in QNAP operating systems that allows remote attackers to traverse the file system to unintended locations. The vulnerability affects multiple QNAP OS...
This CVE describes an authentication bypass vulnerability in QNAP operating systems that allows remote attackers to spoof authentication and access restricted resources without valid credentials. It a...
This SQL injection vulnerability in QNAP operating systems allows remote attackers to execute arbitrary SQL commands. If exploited, attackers could execute unauthorized code or commands on affected QN...
This CVE-2024-21899 is an improper authentication vulnerability in QNAP operating systems that allows attackers to bypass authentication mechanisms and potentially gain unauthorized access to the syst...
This CVE describes an OS command injection vulnerability in multiple QNAP operating system versions that allows authenticated users to execute arbitrary commands via network requests. Attackers could ...
This CVE-2021-28802 is a critical command injection vulnerability in QNAP QTS and QuTS hero operating systems that allows attackers to execute arbitrary commands on affected devices. Attackers could p...
This CVE-2021-28804 is a critical command injection vulnerability in QNAP QTS and QuTS hero operating systems that allows attackers to execute arbitrary commands on affected devices. Attackers can pot...
This is a critical command injection vulnerability (CWE-77) in QNAP QTS and QuTS hero operating systems that allows attackers to execute arbitrary commands on affected devices. If exploited, attackers...
CVE-2019-7198 is a command injection vulnerability in QNAP NAS devices that allows attackers to execute arbitrary commands on affected systems. This affects QNAP QTS and QuTS hero operating systems be...
A buffer overflow vulnerability in QNAP operating systems allows authenticated remote attackers to modify memory or crash processes. This affects users running vulnerable QNAP OS versions. Attackers n...
This CVE-2025-9110 vulnerability allows remote attackers to read sensitive system information from affected QNAP devices without authorization. Attackers can exploit this to access application data th...
A buffer overflow vulnerability in QNAP operating systems allows authenticated remote attackers to modify memory or crash processes. This affects QNAP NAS devices running vulnerable QTS and QuTS hero ...
A buffer overflow vulnerability in QNAP operating systems allows authenticated remote attackers to modify memory or crash processes. This affects users running vulnerable QTS and QuTS hero versions. A...
A buffer overflow vulnerability in QNAP operating systems allows authenticated remote attackers to modify memory or crash processes. This affects users running vulnerable QTS and QuTS hero versions. A...
This CVE describes an argument injection vulnerability in QNAP operating systems where attackers can manipulate command arguments to alter execution logic. It affects multiple QNAP NAS devices running...
A command injection vulnerability in QNAP operating systems allows authenticated attackers with administrator privileges to execute arbitrary commands on affected devices. This affects QNAP NAS device...
An out-of-bounds write vulnerability in QNAP operating systems allows authenticated remote attackers to modify or corrupt memory. This affects QNAP NAS devices running vulnerable QTS and QuTS hero ver...
This CVE describes a command injection vulnerability in QNAP operating systems that allows authenticated attackers to execute arbitrary commands on affected devices. The vulnerability affects multiple...
A command injection vulnerability in QNAP operating systems allows authenticated remote attackers to execute arbitrary commands on affected devices. This affects QTS and QuTS hero users running vulner...
This CVE describes an out-of-bounds write vulnerability in QNAP operating systems that could allow remote attackers with administrator access to modify or corrupt memory. The vulnerability affects mul...
An out-of-bounds write vulnerability in QNAP operating systems could allow remote attackers with administrator access to modify or corrupt memory. This affects QTS and QuTS hero users running vulnerab...
This CRLF injection vulnerability in QNAP operating systems allows attackers with user access to manipulate application data by injecting carriage return and line feed sequences. It affects QTS and Qu...
An out-of-bounds write vulnerability in QNAP operating systems allows remote attackers with administrator access to modify or corrupt memory. This affects QTS and QuTS hero versions before the patched...
This CVE describes a format string vulnerability in QNAP operating systems that allows attackers with administrator access to read sensitive data or modify memory. The vulnerability affects multiple Q...
This CRLF injection vulnerability in QNAP operating systems allows remote attackers to inject carriage return and line feed sequences, potentially modifying application data. It affects multiple QTS a...
A format string vulnerability in QNAP operating systems allows remote attackers with administrator access to read sensitive data or modify memory. This affects QTS and QuTS hero systems running vulner...
A format string vulnerability in QNAP operating systems allows remote attackers to read sensitive memory or modify memory contents. This affects QTS and QuTS hero users running vulnerable versions. Su...
This CVE describes a format string vulnerability in QNAP operating systems that allows attackers with administrator access to read sensitive data or modify memory. The vulnerability affects multiple Q...
This CVE describes a buffer overflow vulnerability in QNAP operating systems that allows remote attackers with administrator access to execute arbitrary code. The vulnerability affects multiple QNAP N...
This CVE describes a buffer overflow vulnerability in QNAP operating systems that allows remote attackers with administrator access to execute arbitrary code. The vulnerability affects multiple QNAP N...
This path traversal vulnerability in QNAP operating systems allows authenticated users to access files outside intended directories via network requests. It affects multiple QNAP NAS devices running v...
This cross-site scripting (XSS) vulnerability in QNAP operating systems allows authenticated attackers to inject malicious scripts into web applications. The vulnerability affects multiple QNAP NAS de...
This CVE describes an OS command injection vulnerability in QNAP operating systems that allows authenticated users to execute arbitrary commands via network requests. It affects QTS and QuTS hero syst...
This CVE describes a missing authorization vulnerability in QNAP operating systems that allows local authenticated users to access data or perform actions beyond their intended permissions. The vulner...
This CVE describes a buffer overflow vulnerability in QNAP operating systems that allows attackers to execute arbitrary code remotely. It affects multiple QNAP NAS devices running vulnerable QTS and Q...
This double free vulnerability in QNAP operating systems allows authenticated attackers to execute arbitrary code remotely. It affects multiple QNAP NAS devices running vulnerable QTS and QuTS hero ve...
This CVE describes an OS command injection vulnerability in multiple QNAP operating system versions that allows authenticated users to execute arbitrary commands via network requests. Attackers could ...
This CVE describes an incorrect authorization vulnerability in QNAP operating systems that allows authenticated users to bypass intended access restrictions. Attackers with valid credentials could acc...
This CVE-2023-51364 is a path traversal vulnerability in multiple QNAP operating system versions that allows authenticated users to read arbitrary files via network requests. It affects QTS, QuTS hero...
This SQL injection vulnerability in QNAP operating systems allows authenticated users to execute arbitrary SQL commands via network requests. It affects multiple QNAP OS versions and could lead to dat...
This CVE describes an OS command injection vulnerability in multiple QNAP operating system versions that allows authenticated users to execute arbitrary commands via network requests. The vulnerabilit...
A prototype pollution vulnerability in QNAP operating systems allows attackers to modify object prototypes, potentially causing system crashes via network requests. This affects QNAP NAS devices runni...
This path traversal vulnerability in QNAP operating systems allows authenticated users to read arbitrary files outside intended directories via network requests. It affects multiple QNAP OS versions a...
This CVE describes a relative path traversal vulnerability in QNAP NAS devices running QTS and QuTS hero operating systems. If exploited, attackers can modify system files, potentially compromising sy...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service conditions. This affects multiple QNAP NAS devices ...
A use of uninitialized variable vulnerability in QNAP operating systems allows attackers with administrator access to cause denial of service or manipulate program execution flow. This affects QTS and...
A path traversal vulnerability in QNAP operating systems allows authenticated administrators to read arbitrary files. This affects QNAP NAS devices running vulnerable QTS and QuTS hero versions. Attac...
A buffer overflow vulnerability in QNAP operating systems allows remote attackers with administrator credentials to modify memory or crash processes. This affects multiple QNAP NAS devices running vul...
A buffer overflow vulnerability in QNAP operating systems allows remote attackers with administrator credentials to modify memory or crash processes. This affects QNAP NAS devices running vulnerable Q...
This CVE describes a path traversal vulnerability in QNAP operating systems that allows authenticated attackers with administrator privileges to read arbitrary files. The vulnerability affects multipl...
An out-of-bounds read vulnerability in QNAP operating systems allows remote attackers with administrator credentials to read sensitive memory data. This affects QTS and QuTS hero systems running vulne...
This CVE describes a resource allocation vulnerability in QNAP operating systems where an authenticated attacker with administrator privileges can exhaust system resources, causing denial of service f...
A buffer overflow vulnerability in QNAP operating systems allows remote attackers with administrator credentials to modify memory or crash processes. This affects multiple QNAP NAS devices running vul...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service conditions. This affects multiple QNAP NAS devices ...
An out-of-bounds read vulnerability in QNAP operating systems allows remote attackers with administrator credentials to read sensitive memory data. This affects QNAP NAS devices running vulnerable QTS...
An out-of-bounds read vulnerability in QNAP operating systems allows remote attackers with administrator credentials to read sensitive memory contents. This affects QNAP NAS devices running vulnerable...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service conditions. This affects QNAP NAS devices running v...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service conditions. This affects multiple QNAP NAS devices ...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service conditions. This affects QNAP NAS devices running v...
A format string vulnerability in QNAP operating systems allows attackers with administrator access to read sensitive data or modify memory. This affects multiple QNAP NAS devices running vulnerable QT...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service conditions. This affects QNAP NAS devices running v...
A NULL pointer dereference vulnerability in QNAP operating systems allows authenticated remote attackers to cause denial-of-service conditions. This affects QNAP NAS devices running vulnerable QTS and...
This CVE describes a resource exhaustion vulnerability in QNAP operating systems where authenticated remote attackers can allocate resources without limits, potentially causing denial-of-service condi...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service conditions. This affects QNAP NAS devices running v...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service conditions. This affects multiple QNAP NAS devices ...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service conditions. This affects QNAP NAS devices running v...
A NULL pointer dereference vulnerability in QNAP operating systems allows authenticated remote attackers to cause denial-of-service conditions. This affects QNAP NAS devices running vulnerable QTS and...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service conditions. This affects QTS and QuTS hero systems ...
A format string vulnerability in QNAP operating systems allows attackers with administrator access to read sensitive data or modify memory. This affects QTS and QuTS hero systems running vulnerable ve...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service conditions. This affects QTS and QuTS hero systems ...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service conditions. This affects QNAP NAS devices running v...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service conditions. This affects QTS and QuTS hero systems ...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service conditions. This affects multiple QNAP NAS devices ...
A NULL pointer dereference vulnerability in QNAP operating systems allows remote attackers with administrator credentials to cause denial-of-service conditions. This affects QTS and QuTS hero systems ...