PT-2026-26639 · Qnap Systems · Qvr Pro
Fuzzinglabs
·
Published
2026-03-20
·
Updated
2026-03-20
·
CVE-2026-22898
CVSS v4.0
9.3
Critical
| AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
A missing authentication for critical function vulnerability has been reported to affect QVR Pro. The remote attackers can then exploit the vulnerability to gain access to the system.
We have already fixed the vulnerability in the following version:
QVR Pro 2.7.4.14 and later
Fix
Missing Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Qvr Pro