Lucene search
QnapCVELIST:CVE-2019-7198HistoryDec 07, 2020 - 12:00 a.m.
CVE-2019-7198 Command Injection Vulnerability in QTS and QuTS hero
2020-12-0700:00:00
CWE-78
CWE-77
qnap
www.cve.org
0.002 Low
EPSS
Percentile
53.0%
This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build 20201015 and later QTS 4.4.3.1354 build 20200702 and later
CNA Affected
[
{
"product": "QTS",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"status": "affected",
"version": "< 4.5.1.1456"
},
{
"status": "affected",
"version": "< 4.4.3.1354"
}
]
},
{
"product": "QuTS hero",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"status": "affected",
"version": "< h4.5.1.1472"
}
]
}
]Related
cve
cve
CVE-2019-7198
2020-12-10 04:15:11
openvas
openvas
QNAP QTS Command Injection Vulnerability (QSA-20-16)
2020-12-11 00:00:00
prion
prion
Command injection
2020-12-10 04:15:00
nvd
nvd
CVE-2019-7198
2020-12-10 04:15:11