Lucene search
K

Qnap QuTS hero Command Injection (CVE-2019-7198)

šŸ—“ļøĀ 16 Oct 2024Ā 00:00:00Reported byĀ TenableTypeĀ 
nessus
Ā nessus
šŸ”—Ā www.tenable.comšŸ‘Ā 14Ā Views

Qnap QuTS hero Command Injection (CVE-2019-7198) vulnerability allows executing arbitrary commands in compromised application. Fixed in QuTS hero h4.5.1.1472 build 20201031 and later, QTS 4.5.1.1456 build 20201015 and later, QTS 4.4.3.1354 build 20200702 and later. Plugin only works with Tenable.ot.

Related
Refs
Code
ReporterTitlePublishedViews
Family
Circl
CVE-2019-7198
10 Dec 202007:33
–circl
CNNVD
Weilian QNAP Systems QUTS Hero Command Injection Vulnerability
9 Dec 202000:00
–cnnvd
CVE
CVE-2019-7198
10 Dec 202003:34
–cve
Cvelist
CVE-2019-7198 Command Injection Vulnerability in QTS and QuTS hero
10 Dec 202003:34
–cvelist
EUVD
EUVD-2019-16742
7 Oct 202500:30
–euvd
NVD
CVE-2019-7198
10 Dec 202004:15
–nvd
OpenVAS
QNAP QTS Command Injection Vulnerability (QSA-20-16)
11 Dec 202000:00
–openvas
OSV
CVE-2019-7198
10 Dec 202004:15
–osv
Prion
Command injection
10 Dec 202004:15
–prion
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(502527);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/10/17");

  script_cve_id("CVE-2019-7198");

  script_name(english:"Qnap QuTS hero Command Injection (CVE-2019-7198)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"This command injection vulnerability allows attackers to execute
arbitrary commands in a compromised application. QNAP have already
fixed this vulnerability in the following versions of QTS and QuTS
hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456
build 20201015 and later QTS 4.4.3.1354 build 20200702 and later

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://www.qnap.com/en/security-advisory/qsa-20-16");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-7198");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(77, 78);

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/12/10");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/12/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/10/16");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:qnap:quts_hero:h4.5.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:qnap:qts:4.5.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:qnap:qts:4.4.3");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Qnap");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Qnap');

var asset = tenable_ot::assets::get(vendor:'Qnap');

var vuln_cpes = {
    "cpe:/o:qnap:quts_hero:h4.5.1" :
        {"versionStartIncluding" : "h4.5.1", "versionEndExcluding" : "h4.5.1.1472", "family" : "QuTShero"},
    "cpe:/o:qnap:qts:4.5.1" :
        {"versionStartIncluding" : "4.5.1", "versionEndExcluding" : "4.5.1.1456", "family" : "QTS"},
    "cpe:/o:qnap:qts:4.4.3" :
        {"versionStartIncluding" : "4.4.3", "versionEndExcluding" : "4.4.3.1354", "family" : "QTS"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);

Data

Build on a solid foundation withĀ Vulners data

WeĀ provide theĀ essential building blocks forĀ cybersecurity solutions withĀ comprehensive, structured, andĀ constantly updated vulnerability andĀ exploits data

Api

Power your application withĀ Vulners API

The Vulners REST API offers reliable, high-performance access toĀ vulnerabilityĀ intelligence, withĀ 99.9%Ā SLAĀ uptime andĀ CDN-backed data delivery forĀ seamlessĀ global access

App

Assess and manage vulnerabilities withĀ VulnersĀ tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Oct 2024 00:00Current
8.4High risk
Vulners AI Score8.4
CVSS 27.5
CVSS 3.19.8
EPSS0.02685
14