MEDIUM✓ PATCH🇬🇧 English

CVE-2026-22900

CVSS 6.8v4.0pub. 2026-03-20upd. 2026-03-25

A use of hard-coded credentials vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to gain unauthorized access. We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.5.0906 and later

oryginał EN
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Qnap Qunetswitch

    APP
    Qnap
    2.0.1.13077 – 2.0.5.0906 (bez)
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2021-28813CRITICAL9.6ten sam produkt

A vulnerability involving insecure storage of sensitive information has been reported to affect QSW-M2116P-2T2...

CVE-2026-22897HIGH8.1ten sam produkt

A command injection vulnerability has been reported to affect QuNetSwitch. The remote attackers can then explo...

CVE-2026-22901MEDIUM6.3ten sam produkt

A command injection vulnerability has been reported to affect QuNetSwitch. If a remote attacker gains a user a...

CVE-2026-22902MEDIUM5.7ten sam produkt

A command injection vulnerability has been reported to affect QuNetSwitch. If a local attacker gains an admini...

CVE-2022-27593CRITICAL10.0⚠ KEVten sam vendor

An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Ph...