Qnap Vulnerabilities
Comprehensive security vulnerability database for Qnap products
4
0
4
3
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2024-14026 | 2.0 | This vulnerability allows an attacker with a user account and access to the local network to run any commands on the affected QNAP devices. To exploit it, they need to already be on the same network and have valid login credentials. | qnapqts | Exploit Available | 27 days agoMar 11, 2026 |
| CVE-2024-14025 | 0.1 | An attacker with administrator access on the local network can exploit a flaw in Video Station to run unauthorized commands or code. This vulnerability has been fixed in version 5.8.2 and later, so updating is essential to protect against this risk. | qnapvideo station | Exploit Available | 27 days agoMar 11, 2026 |
| CVE-2024-14024 | 0.1 | An attacker with access to the local network and an administrator account can exploit a flaw in Video Station to bypass security measures and potentially compromise the system. This vulnerability has been fixed in version 5.8.2 and later, so it's important to update to that version or newer. | qnapvideo station | Exploit Available | 27 days agoMar 11, 2026 |
| CVE-2023-47565 | 8.8 | This vulnerability allows an attacker with valid login credentials to run malicious commands on affected QNAP NVR devices over the network. It specifically impacts older models using QVR Firmware 4.x, but has been fixed in version 5.0.0 and later. | qnapqvr firmware | Exploit Available | over 2 years agoDec 8, 2023 |
About Qnap Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Qnap products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.