A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password. QNAP has already fixed the issue in QES 2.1.1 Build 20200515 and later.
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:NQnap Qes
APPQnap2.1.1< 2.1.1
Related vulnerabilities
If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious ...
If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Stati...
If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error m...
An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Ph...
An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync...