Cleartext Storage of Sensitive Information
A vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows an attacker to access sensitive information stored in cleartext inside cookies via certain widely-available tools. QNAP have already fixed this vulnerability in the following versions: QTS 184.108.40.2066 build 20201015 (and later) QuTS hero h220.127.116.112 build 20201031 (and later) QuTScloud c18.104.22.1689 build 20200730 (and later)
CWE-312 - Cleartext Storage of Sensitive Information
The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere.