Qsan Sanos
7 CVEs affecting Qsan Sanos. Latest disclosed: 2021-07-07. Critical: 6, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-32535 | Critical | 9.8 | 2021-07-07 | The vulnerability of hard-coded default credentials in QSAN SANOS allows unauthenticated remote attackers to obtain administrator’s permission and execute arbi… |
CVE-2021-32534 | Critical | 9.8 | 2021-07-07 | QSAN SANOS factory reset function does not filter special parameters. Remote attackers can use this vulnerability to inject and execute arbitrary commands with… |
CVE-2021-32533 | Critical | 9.8 | 2021-07-07 | The QSAN SANOS setting page does not filter special parameters. Remote attackers can use this vulnerability to inject and execute arbitrary commands without pe… |
CVE-2021-32529 | Critical | 9.8 | 2021-07-07 | Command injection vulnerability in QSAN XEVO, SANOS allows remote unauthenticated attackers to execute arbitrary commands. Suggest contacting with QSAN and ref… |
CVE-2021-32522 | Critical | 9.8 | 2021-07-07 | Improper restriction of excessive authentication attempts vulnerability in QSAN Storage Manager, XEVO, SANOS allows remote attackers to discover users’ credent… |
CVE-2021-32519 | Critical | 9.8 | 2021-07-07 | Use of password hash with insufficient computational effort vulnerability in QSAN Storage Manager, XEVO, SANOS allows remote attackers to recover the plain-tex… |
CVE-2021-32521 | High | 7.3 | 2021-07-07 | Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local attackers to escalate privileges. Suggest contacting with QSA… |