Qnap Quts_hero
247 CVEs affecting Qnap Quts_hero. Latest disclosed: 2026-06-10. Critical: 16, High: 68.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-32766 | Critical | 10.0 | 2024-04-26 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to… |
CVE-2021-28799 | Critical | 10.0 | 2021-05-13 | An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync. ) If exploited, the vulnerability allows remote… |
CVE-2025-66277 | Critical | 9.8 | 2026-02-11 | A link following vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to t… |
CVE-2025-62849 | Critical | 9.8 | 2025-12-16 | An SQL injection vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to e… |
CVE-2025-59385 | Critical | 9.8 | 2025-12-16 | An authentication bypass by spoofing vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit th… |
CVE-2024-50393 | Critical | 9.8 | 2024-12-06 | A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attack… |
CVE-2024-21899 | Critical | 9.8 | 2024-03-08 | An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users… |
CVE-2023-23368 | Critical | 9.8 | 2023-11-03 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to… |
CVE-2022-27596 | Critical | 9.8 | 2023-01-30 | A vulnerability has been reported to affect QNAP device running QuTS hero, QTS. If exploited, this vulnerability allows remote attackers to inject malicious co… |
CVE-2021-34344 | Critical | 9.8 | 2021-09-10 | A stack buffer overflow vulnerability has been reported to affect QNAP device running QUSBCam2. If exploited, this vulnerability allows attackers to execute ar… |
CVE-2021-28804 | Critical | 9.8 | 2021-07-01 | A command injection vulnerabilities have been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary comm… |
CVE-2021-28802 | Critical | 9.8 | 2021-07-01 | A command injection vulnerabilities have been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary comm… |
CVE-2020-2509 | Critical | 9.8 | 2021-04-17 | A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary command… |
CVE-2019-7198 | Critical | 9.8 | 2020-12-10 | This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in… |
CVE-2024-48859 | Critical | 9.1 | 2024-12-06 | An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote… |
CVE-2023-45025 | Critical | 9.0 | 2024-02-02 | An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to… |
CVE-2024-21897 | High | 8.9 | 2024-09-06 | A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow auth… |
CVE-2025-30264 | High | 8.8 | 2025-08-29 | A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then… |
CVE-2025-22481 | High | 8.8 | 2025-06-06 | A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attack… |
CVE-2024-53691 | High | 8.8 | 2024-12-06 | A link following vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers… |