Qts@4.3.4 Security Vulnerabilities and Issues — Qts@4.3.4 CVE List

Lucene search

QnapQts4.3.4

4 matches found

CVE•added 2020/10/28 6:15 p.m.•981 views

CVE-2018-19949

If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. QNAP has already fixed the issue in the following QTS versions. QTS 4.4.2.1231 on build 20200302; QTS 4.4.1.1201 on build 20200130; QTS 4.3.6.1218 on build 20200214; QTS 4.3.4.1190 on build 20...

9.8CVSS9.6AI score0.57621EPSS

In wild

CVE•added 2020/10/28 6:15 p.m.•978 views

CVE-2018-19943

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed these issues in the following QTS versions. QTS 4.4.2.1270 build 20200410 and later QTS 4.4.1.1261 build 20200330 and later QTS 4.3.6.1263 build 20200330 and later QTS...

8CVSS5.5AI score0.05768EPSS

In wild

CVE•added 2020/10/28 6:15 p.m.•976 views

CVE-2018-19953

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed the issue in the following QTS versions. QTS 4.4.2.1231 on build 20200302; QTS 4.4.1.1201 on build 20200130; QTS 4.3.6.1218 on build 20200214; QTS 4.3.4.1190 on build ...

6.1CVSS6AI score0.34489EPSS

In wild

CVE•added 2020/12/31 5:15 p.m.•50 views

CVE-2018-19945

A vulnerability has been reported to affect earlier QNAP devices running QTS 4.3.4 to 4.3.6. Caused by improper limitations of a pathname to a restricted directory, this vulnerability allows for renaming arbitrary files on the target system, if exploited. QNAP have already fixed this vulnerability ...

9.1CVSS9.3AI score0.00399EPSS