Every CVE whose affected-product data names Qnap Qes, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2020-2503 — CVSS 9.0 (critical): If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP…
CVE-2020-2499 — CVSS 6.3 (medium): A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow…
CVE-2020-2504 — CVSS 5.8 (medium): If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station. QNAP has already fixed…
CVE-2020-2505 — CVSS 2.3 (low): If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. QNAP has already…