Browse all 31 CVE security advisories affecting QSAN. AI-powered Chinese analysis, POCs, and references for each vulnerability.
QSAN operates primarily in the network-attached storage and data management sector, providing hardware and software solutions for enterprise data protection and virtualization. Security audits reveal a concerning history of thirty-one recorded Common Vulnerabilities and Exposures, indicating persistent weaknesses in their product lifecycle management. The most prevalent vulnerability classes include remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and improper access controls within their web-based management interfaces. These defects allow attackers to potentially gain unauthorized administrative access or execute arbitrary commands on affected storage systems. While no single catastrophic public breach has been widely documented as a direct result of these specific CVEs, the high volume of disclosed issues suggests systemic gaps in secure coding practices. Organizations utilizing QSAN infrastructure must prioritize rigorous patching and network segmentation to mitigate the risk of exploitation inherent in these known defects.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-32535 | QSAN SANOS - Use of Hard-coded Credentials — SANOSCWE-798 | 9.8 | Critical | 2021-07-07 |
| CVE-2021-32534 | QSAN SANOS - Command Injection — SANOSCWE-78 | 9.8 | Critical | 2021-07-07 |
| CVE-2021-32533 | QSAN SANOS - Command Injection — SANOSCWE-78 | 9.8 | Critical | 2021-07-07 |
This page lists every published CVE security advisory associated with QSAN. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.