Search

Find a vulnerability

Search criteria

    9 vulnerabilities found for QES by Qnap

    CERTFR-2025-AVI-0486

    Vulnerability from certfr_avis - Published: 2025-06-10 - Updated: 2025-06-10

    De multiples vulnérabilités ont été découvertes dans les produits Qnap. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    Qnap QTS QTS versions 5.2.x antérieures à 5.2.4.3079 build 20250321
    Qnap QuRouter QuRouter versions 2.4.x et 2.5.x antérieures à 2.5.0.140
    Qnap QuTS hero QuTS hero versions h5.2.x antérieures à h5.2.4.3079 build 20250321
    Qnap License Center License Center versions 1.9.x antérieures à 1.9.49
    Qnap File Station File Station 5 versions 5.5.x antérieures à 5.5.6.4847
    Qnap Qsync Qsync Central versions 4.5.x antérieures à 4.5.0.6
    Qnap QES QES versions 2.2.x antérieures à 2.2.1 build 20250304
    References
    Bulletin de sécurité Qnap QSA-25-17 2025-06-07 vendor-advisory
    Bulletin de sécurité Qnap QSA-25-11 2025-06-07 vendor-advisory
    Bulletin de sécurité Qnap QSA-25-14 2025-06-07 vendor-advisory
    Bulletin de sécurité Qnap QSA-25-10 2025-06-07 vendor-advisory
    Bulletin de sécurité Qnap QSA-25-09 2025-06-07 vendor-advisory
    Bulletin de sécurité Qnap QSA-25-15 2025-06-07 vendor-advisory
    Bulletin de sécurité Qnap QSA-25-13 2025-06-07 vendor-advisory
    Bulletin de sécurité Qnap QSA-25-16 2025-06-07 vendor-advisory
    Bulletin de sécurité Qnap QSA-25-12 2025-06-07 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "QTS versions 5.2.x ant\u00e9rieures \u00e0 5.2.4.3079 build 20250321",
          "product": {
            "name": "QTS",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QuRouter versions 2.4.x et 2.5.x ant\u00e9rieures \u00e0 2.5.0.140",
          "product": {
            "name": "QuRouter",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QuTS hero versions h5.2.x ant\u00e9rieures \u00e0 h5.2.4.3079 build 20250321",
          "product": {
            "name": "QuTS hero",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "License Center versions 1.9.x ant\u00e9rieures \u00e0 1.9.49",
          "product": {
            "name": "License Center",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "File Station 5 versions 5.5.x ant\u00e9rieures \u00e0 5.5.6.4847",
          "product": {
            "name": "File Station",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "Qsync Central versions 4.5.x ant\u00e9rieures \u00e0 4.5.0.6",
          "product": {
            "name": "Qsync",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        },
        {
          "description": "QES versions 2.2.x ant\u00e9rieures \u00e0 2.2.1 build 20250304",
          "product": {
            "name": "QES",
            "vendor": {
              "name": "Qnap",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2025-26465",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-26465"
        },
        {
          "name": "CVE-2025-33031",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-33031"
        },
        {
          "name": "CVE-2024-56805",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-56805"
        },
        {
          "name": "CVE-2024-50406",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-50406"
        },
        {
          "name": "CVE-2025-22482",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-22482"
        },
        {
          "name": "CVE-2025-26466",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-26466"
        },
        {
          "name": "CVE-2025-29872",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-29872"
        },
        {
          "name": "CVE-2025-29892",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-29892"
        },
        {
          "name": "CVE-2025-22490",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-22490"
        },
        {
          "name": "CVE-2025-29873",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-29873"
        },
        {
          "name": "CVE-2025-29884",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-29884"
        },
        {
          "name": "CVE-2025-33035",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-33035"
        },
        {
          "name": "CVE-2025-29876",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-29876"
        },
        {
          "name": "CVE-2025-22485",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-22485"
        },
        {
          "name": "CVE-2024-13087",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-13087"
        },
        {
          "name": "CVE-2025-22484",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-22484"
        },
        {
          "name": "CVE-2023-28370",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-28370"
        },
        {
          "name": "CVE-2025-29877",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-29877"
        },
        {
          "name": "CVE-2025-29883",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-29883"
        },
        {
          "name": "CVE-2025-30279",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-30279"
        },
        {
          "name": "CVE-2025-22486",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-22486"
        },
        {
          "name": "CVE-2025-29871",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-29871"
        },
        {
          "name": "CVE-2024-6387",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-6387"
        },
        {
          "name": "CVE-2025-22481",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-22481"
        },
        {
          "name": "CVE-2024-13088",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-13088"
        },
        {
          "name": "CVE-2025-29885",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-29885"
        }
      ],
      "initial_release_date": "2025-06-10T00:00:00",
      "last_revision_date": "2025-06-10T00:00:00",
      "links": [],
      "reference": "CERTFR-2025-AVI-0486",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2025-06-10T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "D\u00e9ni de service \u00e0 distance"
        },
        {
          "description": "Injection de code indirecte \u00e0 distance (XSS)"
        },
        {
          "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
        },
        {
          "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
        },
        {
          "description": "Injection SQL (SQLi)"
        },
        {
          "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
        },
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        },
        {
          "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Qnap. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Qnap",
      "vendor_advisories": [
        {
          "published_at": "2025-06-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-25-17",
          "url": "https://www.qnap.com/go/security-advisory/qsa-25-17"
        },
        {
          "published_at": "2025-06-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-25-11",
          "url": "https://www.qnap.com/go/security-advisory/qsa-25-11"
        },
        {
          "published_at": "2025-06-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-25-14",
          "url": "https://www.qnap.com/go/security-advisory/qsa-25-14"
        },
        {
          "published_at": "2025-06-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-25-10",
          "url": "https://www.qnap.com/go/security-advisory/qsa-25-10"
        },
        {
          "published_at": "2025-06-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-25-09",
          "url": "https://www.qnap.com/go/security-advisory/qsa-25-09"
        },
        {
          "published_at": "2025-06-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-25-15",
          "url": "https://www.qnap.com/go/security-advisory/qsa-25-15"
        },
        {
          "published_at": "2025-06-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-25-13",
          "url": "https://www.qnap.com/go/security-advisory/qsa-25-13"
        },
        {
          "published_at": "2025-06-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-25-16",
          "url": "https://www.qnap.com/go/security-advisory/qsa-25-16"
        },
        {
          "published_at": "2025-06-07",
          "title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-25-12",
          "url": "https://www.qnap.com/go/security-advisory/qsa-25-12"
        }
      ]
    }

    CVE-2020-2505 (GCVE-0-2020-2505)

    Vulnerability from nvd – Published: 2020-12-24 01:39 – Updated: 2024-09-16 21:07
    VLAI
    Title
    Sensitive information via generation of error messages vulnerability in QES
    Summary
    If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.
    CWE
    • CWE-209 - Information Exposure Through an Error Message
    • CWE-755 - Improper Handling of Exceptional Conditions
    Assigner
    References
    Impacted products
    Vendor Product Version
    QNAP Systems Inc. QES Affected: unspecified , < 2.1.1 (custom)
    Create a notification for this product.
    Date Public
    2020-12-23 00:00
    Credits
    TIM Security Red Team Research
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:09:54.406Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "build 20201006"
              ],
              "product": "QES",
              "vendor": "QNAP Systems Inc.",
              "versions": [
                {
                  "lessThan": "2.1.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "TIM Security Red Team Research"
            }
          ],
          "datePublic": "2020-12-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 2.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-209",
                  "description": "CWE-209 Information Exposure Through an Error Message",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-755",
                  "description": "CWE-755 Improper Handling of Exceptional Conditions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-12-31T16:33:28.000Z",
            "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
            "shortName": "qnap"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
            }
          ],
          "source": {
            "advisory": "QSA-20-17",
            "discovery": "EXTERNAL"
          },
          "title": "Sensitive information via generation of error messages vulnerability in QES",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@qnap.com",
              "DATE_PUBLIC": "2020-12-23T05:49:00.000Z",
              "ID": "CVE-2020-2505",
              "STATE": "PUBLIC",
              "TITLE": "Sensitive information via generation of error messages vulnerability in QES"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "QES",
                          "version": {
                            "version_data": [
                              {
                                "platform": "build 20201006",
                                "version_affected": "\u003c",
                                "version_value": "2.1.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "QNAP Systems Inc."
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "TIM Security Red Team Research"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 2.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-209 Information Exposure Through an Error Message"
                    }
                  ]
                },
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-755 Improper Handling of Exceptional Conditions"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17",
                  "refsource": "MISC",
                  "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
              }
            ],
            "source": {
              "advisory": "QSA-20-17",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "assignerShortName": "qnap",
        "cveId": "CVE-2020-2505",
        "datePublished": "2020-12-24T01:39:48.218Z",
        "dateReserved": "2019-12-09T00:00:00.000Z",
        "dateUpdated": "2024-09-16T21:07:28.461Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-2504 (GCVE-0-2020-2504)

    Vulnerability from nvd – Published: 2020-12-24 01:39 – Updated: 2024-09-17 00:25
    VLAI
    Title
    Absolute path traversal vulnerability in QES
    Summary
    If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    • CWE-73 - External Control of File Name or Path
    • CWE-20 - Improper Input Validation
    • CWE-284 - Improper Access Control
    Assigner
    References
    Impacted products
    Vendor Product Version
    QNAP Systems Inc. QES Affected: unspecified , < 2.1.1 (custom)
    Create a notification for this product.
    Date Public
    2020-12-23 00:00
    Credits
    TIM Security Red Team Research
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:09:54.618Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "build 20201006"
              ],
              "product": "QES",
              "vendor": "QNAP Systems Inc.",
              "versions": [
                {
                  "lessThan": "2.1.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "TIM Security Red Team Research"
            }
          ],
          "datePublic": "2020-12-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-73",
                  "description": "CWE-73 External Control of File Name or Path",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284 Improper Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-12-31T16:33:28.000Z",
            "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
            "shortName": "qnap"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
            }
          ],
          "source": {
            "advisory": "QSA-20-17",
            "discovery": "EXTERNAL"
          },
          "title": "Absolute path traversal vulnerability in QES",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@qnap.com",
              "DATE_PUBLIC": "2020-12-23T05:49:00.000Z",
              "ID": "CVE-2020-2504",
              "STATE": "PUBLIC",
              "TITLE": "Absolute path traversal vulnerability in QES"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "QES",
                          "version": {
                            "version_data": [
                              {
                                "platform": "build 20201006",
                                "version_affected": "\u003c",
                                "version_value": "2.1.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "QNAP Systems Inc."
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "TIM Security Red Team Research"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
                    }
                  ]
                },
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-73 External Control of File Name or Path"
                    }
                  ]
                },
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-20 Improper Input Validation"
                    }
                  ]
                },
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-284 Improper Access Control"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17",
                  "refsource": "MISC",
                  "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
              }
            ],
            "source": {
              "advisory": "QSA-20-17",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "assignerShortName": "qnap",
        "cveId": "CVE-2020-2504",
        "datePublished": "2020-12-24T01:39:28.422Z",
        "dateReserved": "2019-12-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:25:31.081Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-2503 (GCVE-0-2020-2503)

    Vulnerability from nvd – Published: 2020-12-24 01:39 – Updated: 2024-09-17 03:07
    VLAI
    Title
    Stored cross-site scripting vulnerability in QES
    Summary
    If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.
    CWE
    • CWE-79 - Cross-site Scripting (XSS)
    • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
    • CWE-749 - Exposed Dangerous Method or Function
    Assigner
    References
    Impacted products
    Vendor Product Version
    QNAP Systems Inc. QES Affected: unspecified , < 2.1.1 (custom)
    Create a notification for this product.
    Date Public
    2020-12-23 00:00
    Credits
    TIM Security Red Team Research
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:09:54.672Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "build 20201006"
              ],
              "product": "QES",
              "vendor": "QNAP Systems Inc.",
              "versions": [
                {
                  "lessThan": "2.1.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "TIM Security Red Team Research"
            }
          ],
          "datePublic": "2020-12-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Cross-site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-80",
                  "description": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-749",
                  "description": "CWE-749 Exposed Dangerous Method or Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-12-31T16:33:28.000Z",
            "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
            "shortName": "qnap"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
            }
          ],
          "source": {
            "advisory": "QSA-20-17",
            "discovery": "EXTERNAL"
          },
          "title": "Stored cross-site scripting vulnerability in QES",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@qnap.com",
              "DATE_PUBLIC": "2020-12-23T05:49:00.000Z",
              "ID": "CVE-2020-2503",
              "STATE": "PUBLIC",
              "TITLE": "Stored cross-site scripting vulnerability in QES"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "QES",
                          "version": {
                            "version_data": [
                              {
                                "platform": "build 20201006",
                                "version_affected": "\u003c",
                                "version_value": "2.1.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "QNAP Systems Inc."
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "TIM Security Red Team Research"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79 Cross-site Scripting (XSS)"
                    }
                  ]
                },
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
                    }
                  ]
                },
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-749 Exposed Dangerous Method or Function"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17",
                  "refsource": "MISC",
                  "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
              }
            ],
            "source": {
              "advisory": "QSA-20-17",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "assignerShortName": "qnap",
        "cveId": "CVE-2020-2503",
        "datePublished": "2020-12-24T01:39:08.389Z",
        "dateReserved": "2019-12-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:07:20.826Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-2499 (GCVE-0-2020-2499)

    Vulnerability from nvd – Published: 2020-12-24 01:38 – Updated: 2024-09-17 03:18
    VLAI
    Title
    Hard-coded Password Vulnerability in QES
    Summary
    A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later.
    CWE
    • CWE-259 - Use of Hard-coded Password
    • CWE-798 - Use of Hard-coded Credentials
    • CWE-522 - Insufficiently Protected Credentials
    Assigner
    References
    Impacted products
    Vendor Product Version
    QNAP Systems Inc. QES Affected: unspecified , < 2.1.1 (custom)
    Create a notification for this product.
    Date Public
    2020-12-23 00:00
    Credits
    Lodestone Security
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:09:54.172Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-19"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "build 20200515"
              ],
              "product": "QES",
              "vendor": "QNAP Systems Inc.",
              "versions": [
                {
                  "lessThan": "2.1.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Lodestone Security"
            }
          ],
          "datePublic": "2020-12-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-259",
                  "description": "CWE-259 Use of Hard-coded Password",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-798",
                  "description": "CWE-798 Use of Hard-coded Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-522",
                  "description": "CWE-522 Insufficiently Protected Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-12-31T16:33:28.000Z",
            "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
            "shortName": "qnap"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-19"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later."
            }
          ],
          "source": {
            "advisory": "QSA-20-19",
            "discovery": "EXTERNAL"
          },
          "title": "Hard-coded Password Vulnerability in QES",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@qnap.com",
              "DATE_PUBLIC": "2020-12-23T05:49:00.000Z",
              "ID": "CVE-2020-2499",
              "STATE": "PUBLIC",
              "TITLE": "Hard-coded Password Vulnerability in QES"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "QES",
                          "version": {
                            "version_data": [
                              {
                                "platform": "build 20200515",
                                "version_affected": "\u003c",
                                "version_value": "2.1.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "QNAP Systems Inc."
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Lodestone Security"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-259 Use of Hard-coded Password"
                    }
                  ]
                },
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-798 Use of Hard-coded Credentials"
                    }
                  ]
                },
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-522 Insufficiently Protected Credentials"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-19",
                  "refsource": "MISC",
                  "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-19"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later."
              }
            ],
            "source": {
              "advisory": "QSA-20-19",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "assignerShortName": "qnap",
        "cveId": "CVE-2020-2499",
        "datePublished": "2020-12-24T01:38:14.895Z",
        "dateReserved": "2019-12-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:18:12.926Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-2505 (GCVE-0-2020-2505)

    Vulnerability from cvelistv5 – Published: 2020-12-24 01:39 – Updated: 2024-09-16 21:07
    VLAI
    Title
    Sensitive information via generation of error messages vulnerability in QES
    Summary
    If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.
    CWE
    • CWE-209 - Information Exposure Through an Error Message
    • CWE-755 - Improper Handling of Exceptional Conditions
    Assigner
    References
    Impacted products
    Vendor Product Version
    QNAP Systems Inc. QES Affected: unspecified , < 2.1.1 (custom)
    Create a notification for this product.
    Date Public
    2020-12-23 00:00
    Credits
    TIM Security Red Team Research
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:09:54.406Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "build 20201006"
              ],
              "product": "QES",
              "vendor": "QNAP Systems Inc.",
              "versions": [
                {
                  "lessThan": "2.1.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "TIM Security Red Team Research"
            }
          ],
          "datePublic": "2020-12-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 2.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-209",
                  "description": "CWE-209 Information Exposure Through an Error Message",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-755",
                  "description": "CWE-755 Improper Handling of Exceptional Conditions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-12-31T16:33:28.000Z",
            "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
            "shortName": "qnap"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
            }
          ],
          "source": {
            "advisory": "QSA-20-17",
            "discovery": "EXTERNAL"
          },
          "title": "Sensitive information via generation of error messages vulnerability in QES",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@qnap.com",
              "DATE_PUBLIC": "2020-12-23T05:49:00.000Z",
              "ID": "CVE-2020-2505",
              "STATE": "PUBLIC",
              "TITLE": "Sensitive information via generation of error messages vulnerability in QES"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "QES",
                          "version": {
                            "version_data": [
                              {
                                "platform": "build 20201006",
                                "version_affected": "\u003c",
                                "version_value": "2.1.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "QNAP Systems Inc."
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "TIM Security Red Team Research"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 2.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-209 Information Exposure Through an Error Message"
                    }
                  ]
                },
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-755 Improper Handling of Exceptional Conditions"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17",
                  "refsource": "MISC",
                  "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
              }
            ],
            "source": {
              "advisory": "QSA-20-17",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "assignerShortName": "qnap",
        "cveId": "CVE-2020-2505",
        "datePublished": "2020-12-24T01:39:48.218Z",
        "dateReserved": "2019-12-09T00:00:00.000Z",
        "dateUpdated": "2024-09-16T21:07:28.461Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-2504 (GCVE-0-2020-2504)

    Vulnerability from cvelistv5 – Published: 2020-12-24 01:39 – Updated: 2024-09-17 00:25
    VLAI
    Title
    Absolute path traversal vulnerability in QES
    Summary
    If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    • CWE-73 - External Control of File Name or Path
    • CWE-20 - Improper Input Validation
    • CWE-284 - Improper Access Control
    Assigner
    References
    Impacted products
    Vendor Product Version
    QNAP Systems Inc. QES Affected: unspecified , < 2.1.1 (custom)
    Create a notification for this product.
    Date Public
    2020-12-23 00:00
    Credits
    TIM Security Red Team Research
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:09:54.618Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "build 20201006"
              ],
              "product": "QES",
              "vendor": "QNAP Systems Inc.",
              "versions": [
                {
                  "lessThan": "2.1.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "TIM Security Red Team Research"
            }
          ],
          "datePublic": "2020-12-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-73",
                  "description": "CWE-73 External Control of File Name or Path",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20 Improper Input Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284 Improper Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-12-31T16:33:28.000Z",
            "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
            "shortName": "qnap"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
            }
          ],
          "source": {
            "advisory": "QSA-20-17",
            "discovery": "EXTERNAL"
          },
          "title": "Absolute path traversal vulnerability in QES",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@qnap.com",
              "DATE_PUBLIC": "2020-12-23T05:49:00.000Z",
              "ID": "CVE-2020-2504",
              "STATE": "PUBLIC",
              "TITLE": "Absolute path traversal vulnerability in QES"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "QES",
                          "version": {
                            "version_data": [
                              {
                                "platform": "build 20201006",
                                "version_affected": "\u003c",
                                "version_value": "2.1.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "QNAP Systems Inc."
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "TIM Security Red Team Research"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
                    }
                  ]
                },
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-73 External Control of File Name or Path"
                    }
                  ]
                },
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-20 Improper Input Validation"
                    }
                  ]
                },
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-284 Improper Access Control"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17",
                  "refsource": "MISC",
                  "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
              }
            ],
            "source": {
              "advisory": "QSA-20-17",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "assignerShortName": "qnap",
        "cveId": "CVE-2020-2504",
        "datePublished": "2020-12-24T01:39:28.422Z",
        "dateReserved": "2019-12-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:25:31.081Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-2503 (GCVE-0-2020-2503)

    Vulnerability from cvelistv5 – Published: 2020-12-24 01:39 – Updated: 2024-09-17 03:07
    VLAI
    Title
    Stored cross-site scripting vulnerability in QES
    Summary
    If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.
    CWE
    • CWE-79 - Cross-site Scripting (XSS)
    • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
    • CWE-749 - Exposed Dangerous Method or Function
    Assigner
    References
    Impacted products
    Vendor Product Version
    QNAP Systems Inc. QES Affected: unspecified , < 2.1.1 (custom)
    Create a notification for this product.
    Date Public
    2020-12-23 00:00
    Credits
    TIM Security Red Team Research
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:09:54.672Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "build 20201006"
              ],
              "product": "QES",
              "vendor": "QNAP Systems Inc.",
              "versions": [
                {
                  "lessThan": "2.1.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "TIM Security Red Team Research"
            }
          ],
          "datePublic": "2020-12-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Cross-site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-80",
                  "description": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-749",
                  "description": "CWE-749 Exposed Dangerous Method or Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-12-31T16:33:28.000Z",
            "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
            "shortName": "qnap"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
            }
          ],
          "source": {
            "advisory": "QSA-20-17",
            "discovery": "EXTERNAL"
          },
          "title": "Stored cross-site scripting vulnerability in QES",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@qnap.com",
              "DATE_PUBLIC": "2020-12-23T05:49:00.000Z",
              "ID": "CVE-2020-2503",
              "STATE": "PUBLIC",
              "TITLE": "Stored cross-site scripting vulnerability in QES"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "QES",
                          "version": {
                            "version_data": [
                              {
                                "platform": "build 20201006",
                                "version_affected": "\u003c",
                                "version_value": "2.1.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "QNAP Systems Inc."
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "TIM Security Red Team Research"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79 Cross-site Scripting (XSS)"
                    }
                  ]
                },
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"
                    }
                  ]
                },
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-749 Exposed Dangerous Method or Function"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17",
                  "refsource": "MISC",
                  "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-17"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later."
              }
            ],
            "source": {
              "advisory": "QSA-20-17",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "assignerShortName": "qnap",
        "cveId": "CVE-2020-2503",
        "datePublished": "2020-12-24T01:39:08.389Z",
        "dateReserved": "2019-12-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:07:20.826Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-2499 (GCVE-0-2020-2499)

    Vulnerability from cvelistv5 – Published: 2020-12-24 01:38 – Updated: 2024-09-17 03:18
    VLAI
    Title
    Hard-coded Password Vulnerability in QES
    Summary
    A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later.
    CWE
    • CWE-259 - Use of Hard-coded Password
    • CWE-798 - Use of Hard-coded Credentials
    • CWE-522 - Insufficiently Protected Credentials
    Assigner
    References
    Impacted products
    Vendor Product Version
    QNAP Systems Inc. QES Affected: unspecified , < 2.1.1 (custom)
    Create a notification for this product.
    Date Public
    2020-12-23 00:00
    Credits
    Lodestone Security
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:09:54.172Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-19"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "platforms": [
                "build 20200515"
              ],
              "product": "QES",
              "vendor": "QNAP Systems Inc.",
              "versions": [
                {
                  "lessThan": "2.1.1",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Lodestone Security"
            }
          ],
          "datePublic": "2020-12-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-259",
                  "description": "CWE-259 Use of Hard-coded Password",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-798",
                  "description": "CWE-798 Use of Hard-coded Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-522",
                  "description": "CWE-522 Insufficiently Protected Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-12-31T16:33:28.000Z",
            "orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
            "shortName": "qnap"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-19"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later."
            }
          ],
          "source": {
            "advisory": "QSA-20-19",
            "discovery": "EXTERNAL"
          },
          "title": "Hard-coded Password Vulnerability in QES",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@qnap.com",
              "DATE_PUBLIC": "2020-12-23T05:49:00.000Z",
              "ID": "CVE-2020-2499",
              "STATE": "PUBLIC",
              "TITLE": "Hard-coded Password Vulnerability in QES"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "QES",
                          "version": {
                            "version_data": [
                              {
                                "platform": "build 20200515",
                                "version_affected": "\u003c",
                                "version_value": "2.1.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "QNAP Systems Inc."
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Lodestone Security"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-259 Use of Hard-coded Password"
                    }
                  ]
                },
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-798 Use of Hard-coded Credentials"
                    }
                  ]
                },
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-522 Insufficiently Protected Credentials"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-19",
                  "refsource": "MISC",
                  "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-20-19"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later."
              }
            ],
            "source": {
              "advisory": "QSA-20-19",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
        "assignerShortName": "qnap",
        "cveId": "CVE-2020-2499",
        "datePublished": "2020-12-24T01:38:14.895Z",
        "dateReserved": "2019-12-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:18:12.926Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }