Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
11 vulnerabilities found for QuNetSwitch by Qnap
CERTFR-2026-AVI-0336
Vulnerability from certfr_avis - Published: 2026-03-23 - Updated: 2026-03-23
De multiples vulnérabilités ont été découvertes dans les produits Qnap. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Qnap | QuFTP Service | QuFTP Service versions 1.4.x antérieures à 1.4.3 | ||
| Qnap | QuFTP Service | QuFTP Service versions 1.6.x antérieures à 1.6.2 | ||
| Qnap | Media Streaming | greffon Media Streaming versions 500.1.x antérieures à 500.1.1 | ||
| Qnap | QVR Pro | QVR Pro versions 2.7.x antérieures à 2.7.4.14 | ||
| Qnap | QuRouter | QuRouter versions 2.6.x antérieures à 2.6.3.009 | ||
| Qnap | QuFTP Service | QuFTP Service versions 1.5.x antérieures à 1.5.2 | ||
| Qnap | QuNetSwitch | QuNetSwitch versions 2.0.5.x antérieures à 2.0.5.0906 | ||
| Qnap | QuNetSwitch | QuNetSwitch versions 2.0.4.x antérieures à 2.0.4.0415 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QuFTP Service versions 1.4.x ant\u00e9rieures \u00e0 1.4.3",
"product": {
"name": "QuFTP Service",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QuFTP Service versions 1.6.x ant\u00e9rieures \u00e0 1.6.2",
"product": {
"name": "QuFTP Service",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "greffon Media Streaming versions 500.1.x ant\u00e9rieures \u00e0 500.1.1",
"product": {
"name": "Media Streaming",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QVR Pro versions 2.7.x ant\u00e9rieures \u00e0 2.7.4.14",
"product": {
"name": "QVR Pro",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QuRouter versions 2.6.x ant\u00e9rieures \u00e0 2.6.3.009",
"product": {
"name": "QuRouter",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QuFTP Service versions 1.5.x ant\u00e9rieures \u00e0 1.5.2",
"product": {
"name": "QuFTP Service",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QuNetSwitch versions 2.0.5.x ant\u00e9rieures \u00e0 2.0.5.0906",
"product": {
"name": "QuNetSwitch",
"vendor": {
"name": "Qnap",
"scada": false
}
}
},
{
"description": "QuNetSwitch versions 2.0.4.x ant\u00e9rieures \u00e0 2.0.4.0415",
"product": {
"name": "QuNetSwitch",
"vendor": {
"name": "Qnap",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-22901",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22901"
},
{
"name": "CVE-2026-22902",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22902"
},
{
"name": "CVE-2026-22898",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22898"
},
{
"name": "CVE-2025-59383",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59383"
},
{
"name": "CVE-2025-62844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62844"
},
{
"name": "CVE-2025-62846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62846"
},
{
"name": "CVE-2026-22900",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22900"
},
{
"name": "CVE-2026-22897",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22897"
},
{
"name": "CVE-2025-62845",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62845"
},
{
"name": "CVE-2026-22895",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22895"
},
{
"name": "CVE-2025-62843",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62843"
}
],
"initial_release_date": "2026-03-23T00:00:00",
"last_revision_date": "2026-03-23T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0336",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-03-23T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Qnap. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Qnap",
"vendor_advisories": [
{
"published_at": "2026-03-21",
"title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-26-15",
"url": "https://www.qnap.com/go/security-advisory/qsa-26-15"
},
{
"published_at": "2026-03-21",
"title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-26-07",
"url": "https://www.qnap.com/go/security-advisory/qsa-26-07"
},
{
"published_at": "2026-03-21",
"title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-26-09",
"url": "https://www.qnap.com/go/security-advisory/qsa-26-09"
},
{
"published_at": "2026-03-21",
"title": "Bulletin de s\u00e9curit\u00e9 Qnap qsa-26-11",
"url": "https://www.qnap.com/go/security-advisory/qsa-26-11"
},
{
"published_at": "2026-03-21",
"title": "Bulletin de s\u00e9curit\u00e9 Qnap QSA-26-12",
"url": "https://www.qnap.com/go/security-advisory/qsa-26-12"
}
]
}
CVE-2026-22897 (GCVE-0-2026-22897)
Vulnerability from nvd – Published: 2026-03-20 16:21 – Updated: 2026-03-25 14:03
VLAI
Title
QuNetSwitch
Summary
A command injection vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to execute arbitrary commands.
We have already fixed the vulnerability in the following version:
QuNetSwitch 2.0.4.0415 and later
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QuNetSwitch |
Affected:
2.0.x , < 2.0.4.0415
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22897",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-25T14:03:46.515840Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-25T14:03:53.117Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QuNetSwitch",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "2.0.4.0415",
"status": "affected",
"version": "2.0.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "\u7522\u54c1\u5b89\u5168\u6f0f\u6d1e\u7375\u6355\u8a08\u5283 - YingMuo"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A command injection vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to execute arbitrary commands.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eQuNetSwitch 2.0.4.0415 and later\u003cbr\u003e"
}
],
"value": "A command injection vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to execute arbitrary commands.\n\nWe have already fixed the vulnerability in the following version:\nQuNetSwitch 2.0.4.0415 and later"
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T16:21:35.769Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-26-11"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eQuNetSwitch 2.0.4.0415 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following version:\nQuNetSwitch 2.0.4.0415 and later"
}
],
"source": {
"advisory": "QSA-26-11",
"discovery": "EXTERNAL"
},
"title": "QuNetSwitch",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2026-22897",
"datePublished": "2026-03-20T16:21:35.769Z",
"dateReserved": "2026-01-13T07:49:08.784Z",
"dateUpdated": "2026-03-25T14:03:53.117Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22900 (GCVE-0-2026-22900)
Vulnerability from nvd – Published: 2026-03-20 16:21 – Updated: 2026-03-25 14:04
VLAI
Title
QuNetSwitch
Summary
A use of hard-coded credentials vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to gain unauthorized access.
We have already fixed the vulnerability in the following version:
QuNetSwitch 2.0.5.0906 and later
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QuNetSwitch |
Affected:
2.0.x , < 2.0.5.0906
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22900",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-25T14:04:33.527344Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-25T14:04:41.325Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QuNetSwitch",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "2.0.5.0906",
"status": "affected",
"version": "2.0.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "\u7522\u54c1\u5b89\u5168\u6f0f\u6d1e\u7375\u6355\u8a08\u5283 - YingMuo"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A use of hard-coded credentials vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to gain unauthorized access.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eQuNetSwitch 2.0.5.0906 and later\u003cbr\u003e"
}
],
"value": "A use of hard-coded credentials vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to gain unauthorized access.\n\nWe have already fixed the vulnerability in the following version:\nQuNetSwitch 2.0.5.0906 and later"
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T16:21:25.342Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-26-11"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eQuNetSwitch 2.0.5.0906 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following version:\nQuNetSwitch 2.0.5.0906 and later"
}
],
"source": {
"advisory": "QSA-26-11",
"discovery": "EXTERNAL"
},
"title": "QuNetSwitch",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2026-22900",
"datePublished": "2026-03-20T16:21:25.342Z",
"dateReserved": "2026-01-13T07:49:08.784Z",
"dateUpdated": "2026-03-25T14:04:41.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22902 (GCVE-0-2026-22902)
Vulnerability from nvd – Published: 2026-03-20 16:21 – Updated: 2026-03-25 14:05
VLAI
Title
QuNetSwitch
Summary
A command injection vulnerability has been reported to affect QuNetSwitch. If a local attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands.
We have already fixed the vulnerability in the following version:
QuNetSwitch 2.0.5.0906 and later
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QuNetSwitch |
Affected:
2.0.x , < 2.0.5.0906
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22902",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-25T14:05:34.007988Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-25T14:05:39.936Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QuNetSwitch",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "2.0.5.0906",
"status": "affected",
"version": "2.0.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "\u7522\u54c1\u5b89\u5168\u6f0f\u6d1e\u7375\u6355\u8a08\u5283 - YingMuo"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A command injection vulnerability has been reported to affect QuNetSwitch. If a local attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eQuNetSwitch 2.0.5.0906 and later\u003cbr\u003e"
}
],
"value": "A command injection vulnerability has been reported to affect QuNetSwitch. If a local attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands.\n\nWe have already fixed the vulnerability in the following version:\nQuNetSwitch 2.0.5.0906 and later"
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T16:25:00.669Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-26-11"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eQuNetSwitch 2.0.5.0906 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following version:\nQuNetSwitch 2.0.5.0906 and later"
}
],
"source": {
"advisory": "QSA-26-11",
"discovery": "EXTERNAL"
},
"title": "QuNetSwitch",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2026-22902",
"datePublished": "2026-03-20T16:21:07.923Z",
"dateReserved": "2026-01-13T07:49:08.784Z",
"dateUpdated": "2026-03-25T14:05:39.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22901 (GCVE-0-2026-22901)
Vulnerability from nvd – Published: 2026-03-20 16:21 – Updated: 2026-03-25 14:05
VLAI
Title
QuNetSwitch
Summary
A command injection vulnerability has been reported to affect QuNetSwitch. If a remote attacker gains a user account, they can then exploit the vulnerability to execute arbitrary commands.
We have already fixed the vulnerability in the following version:
QuNetSwitch 2.0.5.0906 and later
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QuNetSwitch |
Affected:
2.0.x , < 2.0.5.0906
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22901",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-25T14:05:06.383659Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-25T14:05:15.945Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QuNetSwitch",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "2.0.5.0906",
"status": "affected",
"version": "2.0.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "\u7522\u54c1\u5b89\u5168\u6f0f\u6d1e\u7375\u6355\u8a08\u5283 - YingMuo"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A command injection vulnerability has been reported to affect QuNetSwitch. If a remote attacker gains a user account, they can then exploit the vulnerability to execute arbitrary commands.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eQuNetSwitch 2.0.5.0906 and later\u003cbr\u003e"
}
],
"value": "A command injection vulnerability has been reported to affect QuNetSwitch. If a remote attacker gains a user account, they can then exploit the vulnerability to execute arbitrary commands.\n\nWe have already fixed the vulnerability in the following version:\nQuNetSwitch 2.0.5.0906 and later"
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T16:21:19.890Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-26-11"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eQuNetSwitch 2.0.5.0906 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following version:\nQuNetSwitch 2.0.5.0906 and later"
}
],
"source": {
"advisory": "QSA-26-11",
"discovery": "EXTERNAL"
},
"title": "QuNetSwitch",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2026-22901",
"datePublished": "2026-03-20T16:21:19.890Z",
"dateReserved": "2026-01-13T07:49:08.784Z",
"dateUpdated": "2026-03-25T14:05:15.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-28813 (GCVE-0-2021-28813)
Vulnerability from nvd – Published: 2021-09-10 04:00 – Updated: 2024-09-17 00:21
VLAI
Title
Insufficiently Protected Credentials Vulnerability in QSW-M2116P-2T2S and QuNetSwitch
Summary
A vulnerability involving insecure storage of sensitive information has been reported to affect QSW-M2116P-2T2S and QNAP switches running QuNetSwitch. If exploited, this vulnerability allows remote attackers to read sensitive information by accessing the unrestricted storage mechanism.We have already fixed this vulnerability in the following versions: QSW-M2116P-2T2S 1.0.6 build 210713 and later QGD-1600P: QuNetSwitch 1.0.6.1509 and later QGD-1602P: QuNetSwitch 1.0.6.1509 and later QGD-3014PT: QuNetSwitch 1.0.6.1519 and later
Severity
9.6 (Critical)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.qnap.com/en/security-advisory/qsa-21-37 | x_refsource_MISC |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QSW-M2116P-2T2S |
Affected:
unspecified , < 1.0.6 build 210713
(custom)
|
|
| QNAP Systems Inc. | QuNetSwitch |
Affected:
unspecified , < 1.0.6.1509
(custom)
|
|
| QNAP Systems Inc. | QuNetSwitch |
Affected:
unspecified , < 1.0.6.1519
(custom)
|
Date Public
2021-09-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:55:11.731Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-21-37"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "QSW-M2116P-2T2S",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "1.0.6 build 210713",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"platforms": [
"QGD-1600P"
],
"product": "QuNetSwitch",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "1.0.6.1509",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"platforms": [
"QGD-1602P"
],
"product": "QuNetSwitch",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "1.0.6.1509",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"platforms": [
"QGD-3014PT"
],
"product": "QuNetSwitch",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "1.0.6.1519",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability involving insecure storage of sensitive information has been reported to affect QSW-M2116P-2T2S and QNAP switches running QuNetSwitch. If exploited, this vulnerability allows remote attackers to read sensitive information by accessing the unrestricted storage mechanism.We have already fixed this vulnerability in the following versions: QSW-M2116P-2T2S 1.0.6 build 210713 and later QGD-1600P: QuNetSwitch 1.0.6.1509 and later QGD-1602P: QuNetSwitch 1.0.6.1509 and later QGD-3014PT: QuNetSwitch 1.0.6.1519 and later"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "CWE-259",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-10T04:00:19.000Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-21-37"
}
],
"solutions": [
{
"lang": "en",
"value": "We have already fixed this vulnerability in the following versions of QSW-M2116P-2T2S, QuNetSwitch:\nQSW-M2116P-2T2S 1.0.6 build 210713 and later\nQGD-1600P: QuNetSwitch 1.0.6.1509 and later\nQGD-1602P: QuNetSwitch 1.0.6.1509 and later\nQGD-3014PT: QuNetSwitch 1.0.6.1519 and later"
}
],
"source": {
"advisory": "QSA-21-37",
"discovery": "EXTERNAL"
},
"title": "Insufficiently Protected Credentials Vulnerability in QSW-M2116P-2T2S and QuNetSwitch",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@qnap.com",
"DATE_PUBLIC": "2021-09-09T16:54:00.000Z",
"ID": "CVE-2021-28813",
"STATE": "PUBLIC",
"TITLE": "Insufficiently Protected Credentials Vulnerability in QSW-M2116P-2T2S and QuNetSwitch"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "QSW-M2116P-2T2S",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.0.6 build 210713"
}
]
}
},
{
"product_name": "QuNetSwitch",
"version": {
"version_data": [
{
"platform": "QGD-1600P",
"version_affected": "\u003c",
"version_value": "1.0.6.1509"
},
{
"platform": "QGD-1602P",
"version_affected": "\u003c",
"version_value": "1.0.6.1509"
},
{
"platform": "QGD-3014PT",
"version_affected": "\u003c",
"version_value": "1.0.6.1519"
}
]
}
}
]
},
"vendor_name": "QNAP Systems Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability involving insecure storage of sensitive information has been reported to affect QSW-M2116P-2T2S and QNAP switches running QuNetSwitch. If exploited, this vulnerability allows remote attackers to read sensitive information by accessing the unrestricted storage mechanism.We have already fixed this vulnerability in the following versions: QSW-M2116P-2T2S 1.0.6 build 210713 and later QGD-1600P: QuNetSwitch 1.0.6.1509 and later QGD-1602P: QuNetSwitch 1.0.6.1509 and later QGD-3014PT: QuNetSwitch 1.0.6.1519 and later"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-259"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-798"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-522"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qnap.com/en/security-advisory/qsa-21-37",
"refsource": "MISC",
"url": "https://www.qnap.com/en/security-advisory/qsa-21-37"
}
]
},
"solution": [
{
"lang": "en",
"value": "We have already fixed this vulnerability in the following versions of QSW-M2116P-2T2S, QuNetSwitch:\nQSW-M2116P-2T2S 1.0.6 build 210713 and later\nQGD-1600P: QuNetSwitch 1.0.6.1509 and later\nQGD-1602P: QuNetSwitch 1.0.6.1509 and later\nQGD-3014PT: QuNetSwitch 1.0.6.1519 and later"
}
],
"source": {
"advisory": "QSA-21-37",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2021-28813",
"datePublished": "2021-09-10T04:00:20.068Z",
"dateReserved": "2021-03-18T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:21:02.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-22897 (GCVE-0-2026-22897)
Vulnerability from cvelistv5 – Published: 2026-03-20 16:21 – Updated: 2026-03-25 14:03
VLAI
Title
QuNetSwitch
Summary
A command injection vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to execute arbitrary commands.
We have already fixed the vulnerability in the following version:
QuNetSwitch 2.0.4.0415 and later
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QuNetSwitch |
Affected:
2.0.x , < 2.0.4.0415
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22897",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-25T14:03:46.515840Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-25T14:03:53.117Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QuNetSwitch",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "2.0.4.0415",
"status": "affected",
"version": "2.0.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "\u7522\u54c1\u5b89\u5168\u6f0f\u6d1e\u7375\u6355\u8a08\u5283 - YingMuo"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A command injection vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to execute arbitrary commands.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eQuNetSwitch 2.0.4.0415 and later\u003cbr\u003e"
}
],
"value": "A command injection vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to execute arbitrary commands.\n\nWe have already fixed the vulnerability in the following version:\nQuNetSwitch 2.0.4.0415 and later"
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T16:21:35.769Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-26-11"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eQuNetSwitch 2.0.4.0415 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following version:\nQuNetSwitch 2.0.4.0415 and later"
}
],
"source": {
"advisory": "QSA-26-11",
"discovery": "EXTERNAL"
},
"title": "QuNetSwitch",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2026-22897",
"datePublished": "2026-03-20T16:21:35.769Z",
"dateReserved": "2026-01-13T07:49:08.784Z",
"dateUpdated": "2026-03-25T14:03:53.117Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22900 (GCVE-0-2026-22900)
Vulnerability from cvelistv5 – Published: 2026-03-20 16:21 – Updated: 2026-03-25 14:04
VLAI
Title
QuNetSwitch
Summary
A use of hard-coded credentials vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to gain unauthorized access.
We have already fixed the vulnerability in the following version:
QuNetSwitch 2.0.5.0906 and later
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QuNetSwitch |
Affected:
2.0.x , < 2.0.5.0906
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22900",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-25T14:04:33.527344Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-25T14:04:41.325Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QuNetSwitch",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "2.0.5.0906",
"status": "affected",
"version": "2.0.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "\u7522\u54c1\u5b89\u5168\u6f0f\u6d1e\u7375\u6355\u8a08\u5283 - YingMuo"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A use of hard-coded credentials vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to gain unauthorized access.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eQuNetSwitch 2.0.5.0906 and later\u003cbr\u003e"
}
],
"value": "A use of hard-coded credentials vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to gain unauthorized access.\n\nWe have already fixed the vulnerability in the following version:\nQuNetSwitch 2.0.5.0906 and later"
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T16:21:25.342Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-26-11"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eQuNetSwitch 2.0.5.0906 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following version:\nQuNetSwitch 2.0.5.0906 and later"
}
],
"source": {
"advisory": "QSA-26-11",
"discovery": "EXTERNAL"
},
"title": "QuNetSwitch",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2026-22900",
"datePublished": "2026-03-20T16:21:25.342Z",
"dateReserved": "2026-01-13T07:49:08.784Z",
"dateUpdated": "2026-03-25T14:04:41.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22901 (GCVE-0-2026-22901)
Vulnerability from cvelistv5 – Published: 2026-03-20 16:21 – Updated: 2026-03-25 14:05
VLAI
Title
QuNetSwitch
Summary
A command injection vulnerability has been reported to affect QuNetSwitch. If a remote attacker gains a user account, they can then exploit the vulnerability to execute arbitrary commands.
We have already fixed the vulnerability in the following version:
QuNetSwitch 2.0.5.0906 and later
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QuNetSwitch |
Affected:
2.0.x , < 2.0.5.0906
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22901",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-25T14:05:06.383659Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-25T14:05:15.945Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QuNetSwitch",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "2.0.5.0906",
"status": "affected",
"version": "2.0.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "\u7522\u54c1\u5b89\u5168\u6f0f\u6d1e\u7375\u6355\u8a08\u5283 - YingMuo"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A command injection vulnerability has been reported to affect QuNetSwitch. If a remote attacker gains a user account, they can then exploit the vulnerability to execute arbitrary commands.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eQuNetSwitch 2.0.5.0906 and later\u003cbr\u003e"
}
],
"value": "A command injection vulnerability has been reported to affect QuNetSwitch. If a remote attacker gains a user account, they can then exploit the vulnerability to execute arbitrary commands.\n\nWe have already fixed the vulnerability in the following version:\nQuNetSwitch 2.0.5.0906 and later"
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T16:21:19.890Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-26-11"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eQuNetSwitch 2.0.5.0906 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following version:\nQuNetSwitch 2.0.5.0906 and later"
}
],
"source": {
"advisory": "QSA-26-11",
"discovery": "EXTERNAL"
},
"title": "QuNetSwitch",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2026-22901",
"datePublished": "2026-03-20T16:21:19.890Z",
"dateReserved": "2026-01-13T07:49:08.784Z",
"dateUpdated": "2026-03-25T14:05:15.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22902 (GCVE-0-2026-22902)
Vulnerability from cvelistv5 – Published: 2026-03-20 16:21 – Updated: 2026-03-25 14:05
VLAI
Title
QuNetSwitch
Summary
A command injection vulnerability has been reported to affect QuNetSwitch. If a local attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands.
We have already fixed the vulnerability in the following version:
QuNetSwitch 2.0.5.0906 and later
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QuNetSwitch |
Affected:
2.0.x , < 2.0.5.0906
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22902",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-25T14:05:34.007988Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-25T14:05:39.936Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "QuNetSwitch",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "2.0.5.0906",
"status": "affected",
"version": "2.0.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "\u7522\u54c1\u5b89\u5168\u6f0f\u6d1e\u7375\u6355\u8a08\u5283 - YingMuo"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A command injection vulnerability has been reported to affect QuNetSwitch. If a local attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands.\u003cbr\u003e\u003cbr\u003eWe have already fixed the vulnerability in the following version:\u003cbr\u003eQuNetSwitch 2.0.5.0906 and later\u003cbr\u003e"
}
],
"value": "A command injection vulnerability has been reported to affect QuNetSwitch. If a local attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands.\n\nWe have already fixed the vulnerability in the following version:\nQuNetSwitch 2.0.5.0906 and later"
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"exploitMaturity": "UNREPORTED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T16:25:00.669Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-26-11"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We have already fixed the vulnerability in the following version:\u003cbr\u003eQuNetSwitch 2.0.5.0906 and later\u003cbr\u003e"
}
],
"value": "We have already fixed the vulnerability in the following version:\nQuNetSwitch 2.0.5.0906 and later"
}
],
"source": {
"advisory": "QSA-26-11",
"discovery": "EXTERNAL"
},
"title": "QuNetSwitch",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2026-22902",
"datePublished": "2026-03-20T16:21:07.923Z",
"dateReserved": "2026-01-13T07:49:08.784Z",
"dateUpdated": "2026-03-25T14:05:39.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2021-28813 (GCVE-0-2021-28813)
Vulnerability from cvelistv5 – Published: 2021-09-10 04:00 – Updated: 2024-09-17 00:21
VLAI
Title
Insufficiently Protected Credentials Vulnerability in QSW-M2116P-2T2S and QuNetSwitch
Summary
A vulnerability involving insecure storage of sensitive information has been reported to affect QSW-M2116P-2T2S and QNAP switches running QuNetSwitch. If exploited, this vulnerability allows remote attackers to read sensitive information by accessing the unrestricted storage mechanism.We have already fixed this vulnerability in the following versions: QSW-M2116P-2T2S 1.0.6 build 210713 and later QGD-1600P: QuNetSwitch 1.0.6.1509 and later QGD-1602P: QuNetSwitch 1.0.6.1509 and later QGD-3014PT: QuNetSwitch 1.0.6.1519 and later
Severity
9.6 (Critical)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.qnap.com/en/security-advisory/qsa-21-37 | x_refsource_MISC |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| QNAP Systems Inc. | QSW-M2116P-2T2S |
Affected:
unspecified , < 1.0.6 build 210713
(custom)
|
|
| QNAP Systems Inc. | QuNetSwitch |
Affected:
unspecified , < 1.0.6.1509
(custom)
|
|
| QNAP Systems Inc. | QuNetSwitch |
Affected:
unspecified , < 1.0.6.1519
(custom)
|
Date Public
2021-09-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:55:11.731Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-21-37"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "QSW-M2116P-2T2S",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "1.0.6 build 210713",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"platforms": [
"QGD-1600P"
],
"product": "QuNetSwitch",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "1.0.6.1509",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"platforms": [
"QGD-1602P"
],
"product": "QuNetSwitch",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "1.0.6.1509",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"platforms": [
"QGD-3014PT"
],
"product": "QuNetSwitch",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "1.0.6.1519",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-09-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability involving insecure storage of sensitive information has been reported to affect QSW-M2116P-2T2S and QNAP switches running QuNetSwitch. If exploited, this vulnerability allows remote attackers to read sensitive information by accessing the unrestricted storage mechanism.We have already fixed this vulnerability in the following versions: QSW-M2116P-2T2S 1.0.6 build 210713 and later QGD-1600P: QuNetSwitch 1.0.6.1509 and later QGD-1602P: QuNetSwitch 1.0.6.1509 and later QGD-3014PT: QuNetSwitch 1.0.6.1519 and later"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-259",
"description": "CWE-259",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-10T04:00:19.000Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qnap.com/en/security-advisory/qsa-21-37"
}
],
"solutions": [
{
"lang": "en",
"value": "We have already fixed this vulnerability in the following versions of QSW-M2116P-2T2S, QuNetSwitch:\nQSW-M2116P-2T2S 1.0.6 build 210713 and later\nQGD-1600P: QuNetSwitch 1.0.6.1509 and later\nQGD-1602P: QuNetSwitch 1.0.6.1509 and later\nQGD-3014PT: QuNetSwitch 1.0.6.1519 and later"
}
],
"source": {
"advisory": "QSA-21-37",
"discovery": "EXTERNAL"
},
"title": "Insufficiently Protected Credentials Vulnerability in QSW-M2116P-2T2S and QuNetSwitch",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@qnap.com",
"DATE_PUBLIC": "2021-09-09T16:54:00.000Z",
"ID": "CVE-2021-28813",
"STATE": "PUBLIC",
"TITLE": "Insufficiently Protected Credentials Vulnerability in QSW-M2116P-2T2S and QuNetSwitch"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "QSW-M2116P-2T2S",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.0.6 build 210713"
}
]
}
},
{
"product_name": "QuNetSwitch",
"version": {
"version_data": [
{
"platform": "QGD-1600P",
"version_affected": "\u003c",
"version_value": "1.0.6.1509"
},
{
"platform": "QGD-1602P",
"version_affected": "\u003c",
"version_value": "1.0.6.1509"
},
{
"platform": "QGD-3014PT",
"version_affected": "\u003c",
"version_value": "1.0.6.1519"
}
]
}
}
]
},
"vendor_name": "QNAP Systems Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability involving insecure storage of sensitive information has been reported to affect QSW-M2116P-2T2S and QNAP switches running QuNetSwitch. If exploited, this vulnerability allows remote attackers to read sensitive information by accessing the unrestricted storage mechanism.We have already fixed this vulnerability in the following versions: QSW-M2116P-2T2S 1.0.6 build 210713 and later QGD-1600P: QuNetSwitch 1.0.6.1509 and later QGD-1602P: QuNetSwitch 1.0.6.1509 and later QGD-3014PT: QuNetSwitch 1.0.6.1519 and later"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-259"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-798"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-522"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qnap.com/en/security-advisory/qsa-21-37",
"refsource": "MISC",
"url": "https://www.qnap.com/en/security-advisory/qsa-21-37"
}
]
},
"solution": [
{
"lang": "en",
"value": "We have already fixed this vulnerability in the following versions of QSW-M2116P-2T2S, QuNetSwitch:\nQSW-M2116P-2T2S 1.0.6 build 210713 and later\nQGD-1600P: QuNetSwitch 1.0.6.1509 and later\nQGD-1602P: QuNetSwitch 1.0.6.1509 and later\nQGD-3014PT: QuNetSwitch 1.0.6.1519 and later"
}
],
"source": {
"advisory": "QSA-21-37",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2021-28813",
"datePublished": "2021-09-10T04:00:20.068Z",
"dateReserved": "2021-03-18T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:21:02.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}