CVE-2021-32512 — CVSS 9.8 (critical): QuickInstall in QSAN Storage Manager does not filter special parameters properly that allows remote unauthenticated attackers to inject and…
CVE-2021-32513 — CVSS 9.8 (critical): QsanTorture in QSAN Storage Manager does not filter special parameters properly that allows remote unauthenticated attackers to inject and…
CVE-2021-32520 — CVSS 9.8 (critical): Use of hard-coded cryptographic key vulnerability in QSAN Storage Manager allows attackers to obtain users’ credentials and related…
CVE-2021-32525 — CVSS 9.1 (critical): The same hard-coded password in QSAN Storage Manager's in the firmware allows remote attackers to access the control interface with the…
CVE-2021-32523 — CVSS 9.1 (critical): Improper authorization vulnerability in QSAN Storage Manager allows remote privileged users to bypass the access control and execute…
CVE-2021-32514 — CVSS 7.5 (high): Improper access control vulnerability in FirmwareUpgrade in QSAN Storage Manager allows remote attackers to reboot and discontinue the…
CVE-2021-32516 — CVSS 7.5 (high): Path traversal vulnerability in share_link in QSAN Storage Manager allows remote attackers to download arbitrary files. The referred…
CVE-2021-32517 — CVSS 7.5 (high): Improper access control vulnerability in share_link in QSAN Storage Manager allows remote attackers to download arbitrary files using…
CVE-2021-32518 — CVSS 7.5 (high): A vulnerability in share_link in QSAN Storage Manager allows remote attackers to create a symbolic link then access arbitrary files. The…
CVE-2021-32521 — CVSS 7.3 (high): Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local attackers to escalate privileges. Suggest…
CVE-2021-32526 — CVSS 6.5 (medium): Incorrect permission assignment for critical resource vulnerability in QSAN Storage Manager allows authenticated remote attackers to access…
CVE-2021-32528 — CVSS 5.3 (medium): Observable behavioral discrepancy vulnerability in QSAN Storage Manager allows remote attackers to obtain the system information without…
CVE-2021-32515 — CVSS 5.3 (medium): Directory listing vulnerability in share_link in QSAN Storage Manager allows attackers to list arbitrary directories and further access…
CVE-2021-32511 — CVSS 4.3 (medium): QSAN Storage Manager through directory listing vulnerability in ViewBroserList allows remote authenticated attackers to list arbitrary…
CVE-2021-32510 — CVSS 4.3 (medium): QSAN Storage Manager through directory listing vulnerability in antivirus function allows remote authenticated attackers to list arbitrary…