Qnap

Helpdesk

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.7

CVE-2024-50394

  • EPSS 0.09%
  • Veröffentlicht 07.03.2025 17:15:19
  • Zuletzt bearbeitet 07.03.2025 17:15:19

An improper certificate validation vulnerability has been reported to affect Helpdesk. If exploited, the vulnerability could allow remote attackers to compromise the security of the system. We have already fixed the vulnerability in the following ve...

4.8

CVE-2024-27125

  • EPSS 0.21%
  • Veröffentlicht 06.09.2024 17:15:14
  • Zuletzt bearbeitet 13.09.2024 21:06:37

A cross-site scripting (XSS) vulnerability has been reported to affect Helpdesk. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the followin...

8.8

CVE-2021-28814

  • EPSS 0.66%
  • Veröffentlicht 11.06.2021 07:15:06
  • Zuletzt bearbeitet 21.11.2024 06:00:15

An improper access control vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows remote attackers to compromise the security of the software. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.4...

9.8

CVE-2020-2506

Warnung
  • EPSS 25.83%
  • Veröffentlicht 03.02.2021 16:15:13
  • Zuletzt bearbeitet 07.02.2025 15:02:17

The vulnerability have been reported to affect earlier versions of QTS. If exploited, this improper access control vulnerability could allow attackers to compromise the security of the software by gaining privileges, or reading sensitive information....

9.8

CVE-2020-2507

  • EPSS 1.61%
  • Veröffentlicht 03.02.2021 16:15:13
  • Zuletzt bearbeitet 21.11.2024 05:25:22

The vulnerability have been reported to affect earlier versions of QTS. If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.3.

5.9

CVE-2018-19946

  • EPSS 0.1%
  • Veröffentlicht 11.09.2020 15:15:10
  • Zuletzt bearbeitet 21.11.2024 03:58:51

The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this improper certificate validation vulnerability could allow an attacker to spoof a trusted entity by interfering in the communication path between the host ...

6.5

CVE-2018-19947

  • EPSS 0.31%
  • Veröffentlicht 11.09.2020 15:15:10
  • Zuletzt bearbeitet 21.11.2024 03:58:51

The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this information exposure vulnerability could disclose sensitive information. QNAP has already fixed the issue in Helpdesk 3.0.3 and later.

6.5

CVE-2018-19948

  • EPSS 0.12%
  • Veröffentlicht 11.09.2020 15:15:10
  • Zuletzt bearbeitet 21.11.2024 03:58:52

The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this cross-site request forgery (CSRF) vulnerability could allow attackers to force NAS users to execute unintentional actions through a web application. QNAP ...

6.5

CVE-2020-2500

  • EPSS 0.26%
  • Veröffentlicht 01.07.2020 16:15:13
  • Zuletzt bearbeitet 21.11.2024 05:25:21

This improper access control vulnerability in Helpdesk allows attackers to get control of QNAP Kayako service. Attackers can access the sensitive data on QNAP Kayako server with API keys. We have replaced the API key to mitigate the vulnerability, an...

7.5

CVE-2018-0728

  • EPSS 0.28%
  • Veröffentlicht 04.12.2019 17:16:42
  • Zuletzt bearbeitet 21.11.2024 03:38:49

This improper access control vulnerability in Helpdesk allows attackers to access the system logs. To fix the vulnerability, QNAP recommend updating QTS and Helpdesk to their latest versions.