CVE-2024-32764

CRITICAL Year: 2024
CVSS v3 Score
9.9
Critical
Weakness Type
CWE-306
View all →

Vulnerability Description

A missing authentication for critical function vulnerability has been reported to affect myQNAPcloud Link. If exploited, the vulnerability could allow users with the privilege level of some functionality via a network. We have already fixed the vulnerability in the following version: myQNAPcloud Link 2.4.51 and later

Related Vulnerabilities

CVE-2016-8355

CRITICAL
CVSS:9.9(Critical)

An issue was discovered in Smiths-Medical CADD-Solis Medication Safety Software, Version 1.0; 2.0; 3.0; and 3.1. CADD-Solis Medication Safety Software grants an authenticated user elevated privileges ...

CWE-3062016

CVE-2017-12822

CRITICAL
CVSS:9.9(Critical)

Remote enabling and disabling admin interface in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to new attack vectors.

CWE-3062017

CVE-2020-35951

CRITICAL
CVSS:9.9(Critical)

An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It allows users to delete arbitrary files such as wp-config.php file, which could effectively take a site offli...

CWE-3062020

CVE-2006-0061

CRITICAL
CVSS:9.8(Critical)

xlockmore 5.13 and 5.22 segfaults when using libpam-opensc and returns the underlying xsession. This allows unauthorized users access to the X session.

CWE-3062006

CVE-2006-0062

CRITICAL
CVSS:9.8(Critical)

xlockmore 5.13 allows potential xlock bypass when FVWM switches to the same virtual desktop as a new Gaim window.

CWE-3062006

CVE-2010-5326

CRITICAL
CVSS:10.0(Critical)

The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote attackers to execute arbitrary code via an HTTP or HTT...

CWE-3062010