Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2021-28807

A post-authentication reflected XSS vulnerability has been reported to affect QNAP NAS running Q’center. If exploited, this vulnerability allows remote attackers to inject malicious code. QNAP have already fixed this vulnerability in the following versions of Q’center: QTS 4.5.3: Q’center v1.12.1012 and later QTS 4.3.6: Q’center v1.10.1004 and later QTS 4.3.3: Q’center v1.10.1004 and later QuTS hero h4.5.2: Q’center v1.12.1012 and later QuTScloud c4.5.4: Q’center v1.12.1012 and later
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 77.5%
CVSS Severity
CVSS v3 Score 7.7
CVSS v2 Score 3.5
Products affected by CVE-2021-28807
  • Qnap » Q'center » Version: 1.1.15
    cpe:2.3:a:qnap:q'center:1.1.15
  • Qnap » Q'center » Version: 1.1.17
    cpe:2.3:a:qnap:q'center:1.1.17
  • Qnap » Q'center » Version: 1.1.25
    cpe:2.3:a:qnap:q'center:1.1.25
  • Qnap » Q'center » Version: 1.2.101
    cpe:2.3:a:qnap:q'center:1.2.101
  • Qnap » Q'center » Version: 1.3.503
    cpe:2.3:a:qnap:q'center:1.3.503
  • Qnap » Q'center » Version: 1.4.16
    cpe:2.3:a:qnap:q'center:1.4.16
  • Qnap » Q'center » Version: 1.4.519
    cpe:2.3:a:qnap:q'center:1.4.519
  • Qnap » Q'center » Version: 1.5.607
    cpe:2.3:a:qnap:q'center:1.5.607
  • Qnap » Q'center » Version: 1.6.1056
    cpe:2.3:a:qnap:q'center:1.6.1056
  • Qnap » Q'center » Version: 1.6.1075
    cpe:2.3:a:qnap:q'center:1.6.1075
  • Qnap » Q'center » Version: 1.7.1063
    cpe:2.3:a:qnap:q'center:1.7.1063
  • Qnap » Q'center » Version: 1.8.1014
    cpe:2.3:a:qnap:q'center:1.8.1014
  • Qnap » Q'center » Version: 1.8.2005
    cpe:2.3:a:qnap:q'center:1.8.2005
  • Qnap » Q'center » Version: 1.8.3002
    cpe:2.3:a:qnap:q'center:1.8.3002
  • Qnap » Q'center » Version: 1.9.1036
    cpe:2.3:a:qnap:q'center:1.9.1036
  • Qnap » Qts » Version: 4.3.3
    cpe:2.3:o:qnap:qts:4.3.3
  • Qnap » Qts » Version: 4.3.6
    cpe:2.3:o:qnap:qts:4.3.6
  • Qnap » Qts » Version: 4.5.3
    cpe:2.3:o:qnap:qts:4.5.3
  • Qnap » Quts Hero » Version: h4.5.2
    cpe:2.3:o:qnap:quts_hero:h4.5.2
  • Qnap » Qutscloud » Version: c4.5.4
    cpe:2.3:o:qnap:qutscloud:c4.5.4


Products
Pricing
Contact Us

Shodan ® - All rights reserved