Qsan Xevo
7 CVEs affecting Qsan Xevo. Latest disclosed: 2021-07-07. Critical: 5, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-32531 | Critical | 9.8 | 2021-07-07 | OS command injection vulnerability in Init function in QSAN XEVO allows remote attackers to execute arbitrary commands without permissions. The referred vulner… |
CVE-2021-32530 | Critical | 9.8 | 2021-07-07 | OS command injection vulnerability in Array function in QSAN XEVO allows remote unauthenticated attackers to execute arbitrary commands via status parameter. T… |
CVE-2021-32529 | Critical | 9.8 | 2021-07-07 | Command injection vulnerability in QSAN XEVO, SANOS allows remote unauthenticated attackers to execute arbitrary commands. Suggest contacting with QSAN and ref… |
CVE-2021-32522 | Critical | 9.8 | 2021-07-07 | Improper restriction of excessive authentication attempts vulnerability in QSAN Storage Manager, XEVO, SANOS allows remote attackers to discover users’ credent… |
CVE-2021-32519 | Critical | 9.8 | 2021-07-07 | Use of password hash with insufficient computational effort vulnerability in QSAN Storage Manager, XEVO, SANOS allows remote attackers to recover the plain-tex… |
CVE-2021-32532 | High | 7.5 | 2021-07-07 | Path traversal vulnerability in back-end analysis function in QSAN XEVO allows remote attackers to download arbitrary files without permissions. The referred v… |
CVE-2021-32521 | High | 7.3 | 2021-07-07 | Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local attackers to escalate privileges. Suggest contacting with QSA… |