GCVE - cpe:2.3:a:qnap_systems_inc.:qulog_center:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:qnap_systems_inc.:qulog_center:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Qnap Systems Inc. (`1f66ac1e-0889-51bf-b27f-24c7175e5920`)
Product	Qulog Center (`447eec3e-5931-5388-8b02-921c5b8a88d7`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-58469`	vulnerable	2026-06-03 15:06:21.758376	QuLog Center A cross-site request forgery (CSRF) vulnerability has been reported to affect QuLog Center. The remote attackers can then exploit the vulnerability to gain privileges or hijack user identities. We have already fixed the vulnerability in the following version: QuLog Center 1.8.2.927 ( 2025/09/17 ) and later Published: 2025-11-07T15:08:56.159Z Updated: 2025-11-07T15:48:30.618Z Open on db.gcve.eu Reference links https://www.qnap.com/en/security-advisory/qsa-25-42	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-54168`	vulnerable	2026-06-03 15:04:55.155953	QuLog Center A cross-site scripting (XSS) vulnerability has been reported to affect QuLog Center. If a remote attacker gains an administrator account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: QuLog Center 1.8.2.923 ( 2025/08/27 ) and later Published: 2025-11-07T15:12:10.966Z Updated: 2025-11-07T15:57:21.137Z Open on db.gcve.eu Reference links https://www.qnap.com/en/security-advisory/qsa-25-42	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-53696`	vulnerable	2026-06-03 14:57:39.911258	QuLog Center A server-side request forgery (SSRF) vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow remote attackers who have gained administrator access to read application data. We have already fixed the vulnerability in the following versions: QuLog Center 1.7.0.829 ( 2024/10/01 ) and later QuLog Center 1.8.0.888 ( 2024/10/15 ) and later QTS 4.5.4.2957 build 20241119 and later QuTS hero h4.5.4.2956 build 20241119 and later Published: 2025-03-07T16:13:55.595Z Updated: 2025-03-07T17:54:11.651Z Open on db.gcve.eu Reference links https://www.qnap.com/en/security-advisory/qsa-24-53	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-48862`	vulnerable	2026-06-03 14:57:10.330390	QuLog Center A link following vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow remote attackers to traverse the file system to unintended locations and read or overwrite the contents of unexpected files. We have already fixed the vulnerability in the following versions: QuLog Center 1.7.0.831 ( 2024/10/15 ) and later QuLog Center 1.8.0.888 ( 2024/10/15 ) and later Published: 2024-11-22T15:31:54.450Z Updated: 2024-11-22T16:47:06.193Z Open on db.gcve.eu Reference links https://www.qnap.com/en/security-advisory/qsa-24-46	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-32762`	vulnerable	2026-06-03 14:55:47.959556	QuLog Center HIGH (8.2) A cross-site scripting (XSS) vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QuLog Center 1.8.0.872 ( 2024/06/17 ) and later QuLog Center 1.7.0.827 ( 2024/06/17 ) and later Published: 2024-09-06T16:27:22.225Z Updated: 2024-09-06T17:32:52.859Z Open on db.gcve.eu Reference links https://www.qnap.com/en/security-advisory/qsa-24-30	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-23357`	vulnerable	2026-06-03 14:49:21.298405	QuLog Center MEDIUM (4.8) A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following versions: QuLog Center 1.5.0.738 ( 2023/03/06 ) and later QuLog Center 1.4.1.691 ( 2023/03/01 ) and later QuLog Center 1.3.1.645 ( 2023/02/22 ) and later Published: 2024-12-19T01:39:02.809Z Updated: 2024-12-24T00:41:08.605Z Open on db.gcve.eu Reference links https://www.qnap.com/en/security-advisory/qsa-23-16	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-23354`	vulnerable	2026-06-03 14:49:21.274972	QuLog Center HIGH (7.3) A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following versions: QuLog Center 1.5.0.738 ( 2023/03/06 ) and later QuLog Center 1.4.1.691 ( 2023/03/01 ) and later QuLog Center 1.3.1.645 ( 2023/02/22 ) and later Published: 2024-12-19T01:39:27.208Z Updated: 2024-12-24T00:40:55.260Z Open on db.gcve.eu Reference links https://www.qnap.com/en/security-advisory/qsa-23-13	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-36196`	vulnerable	2026-06-03 14:42:33.285383	Stored XSS Vulnerability in QuLog Center A stored XSS vulnerability has been reported to affect QNAP NAS running QuLog Center. If exploited, this vulnerability allows attackers to inject malicious code. This issue affects: QNAP Systems Inc. QuLog Center versions prior to 1.2.0. Published: 2021-07-01T02:00:18.925Z Updated: 2024-09-16T19:30:06.275Z Open on db.gcve.eu Reference links https://www.qnap.com/zh-tw/security-advisory/qsa-21-30	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.