Qunetswitch

qunetswitch

Vendor: Qnap • 5 CVEs

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-22902 1Qnap 1Qunetswitch Mar 25, 2026 Mar 20, 2026 5.7 MEDIUM· v4 6.7 MEDIUM· v3 N/A· v2 A command injection vulnerability has been reported to affect QuNetSwitch. If a local attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed...Show more A command injection vulnerability has been reported to affect QuNetSwitch. If a local attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.5.0906 and laterShow less
CVE-2026-22901 1Qnap 1Qunetswitch Mar 25, 2026 Mar 20, 2026 6.3 MEDIUM· v4 9.8 CRITICAL· v3 N/A· v2 A command injection vulnerability has been reported to affect QuNetSwitch. If a remote attacker gains a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vuln...Show more A command injection vulnerability has been reported to affect QuNetSwitch. If a remote attacker gains a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.5.0906 and laterShow less
CVE-2026-22900 1Qnap 1Qunetswitch Mar 25, 2026 Mar 20, 2026 6.8 MEDIUM· v4 9.8 CRITICAL· v3 N/A· v2 A use of hard-coded credentials vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to gain unauthorized access. We have already fixed the vulnerability in the...Show more A use of hard-coded credentials vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to gain unauthorized access. We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.5.0906 and laterShow less
CVE-2026-22897 1Qnap 1Qunetswitch Mar 25, 2026 Mar 20, 2026 8.1 HIGH· v4 9.8 CRITICAL· v3 N/A· v2 A command injection vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following...Show more A command injection vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.4.0415 and laterShow less
CVE-2021-28813 1Qnap 2Qsw M2116p 2t2s Firmware Qunetswitch Nov 21, 2024 Sep 10, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A vulnerability involving insecure storage of sensitive information has been reported to affect QSW-M2116P-2T2S and QNAP switches running QuNetSwitch. If exploited, this vulnerability allows remote attackers to read sens...Show more A vulnerability involving insecure storage of sensitive information has been reported to affect QSW-M2116P-2T2S and QNAP switches running QuNetSwitch. If exploited, this vulnerability allows remote attackers to read sensitive information by accessing the unrestricted storage mechanism.We have already fixed this vulnerability in the following versions: QSW-M2116P-2T2S 1.0.6 build 210713 and later QGD-1600P: QuNetSwitch 1.0.6.1509 and later QGD-1602P: QuNetSwitch 1.0.6.1509 and later QGD-3014PT: QuNetSwitch 1.0.6.1519 and laterShow less