Vulnerabilities > CVE-2019-7193 - Unspecified vulnerability in Qnap QTS

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

qnap

critical

NVD

Published: 2019-12-05

Updated: 2025-02-13

Summary

This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system. To fix the vulnerability, QNAP recommend updating QTS to their latest versions.

Vulnerable Configurations

Part	Description	Count
OS	Qnap Qnap QTS 4.4.1.1033 Qnap QTS 4.4.1.1031 Qnap QTS 4.4.1.0999 Qnap QTS 4.4.1.0998 Qnap QTS 4.4.1.0978 Qnap QTS 4.4.1.0949 Qnap QTS 4.4.1.0948 Qnap QTS 4.3.6.1033 Qnap QTS 4.3.6.1013 Qnap QTS 4.3.6.0993 Qnap QTS 4.3.6.0979 Qnap QTS 4.3.6.0959 Qnap QTS 4.3.6.0944 Qnap QTS 4.3.6.0923 Qnap QTS 4.3.6.0907 Qnap QTS 4.3.6.0895	16

Packetstorm

data source	https://packetstormsecurity.com/files/download/157857/qnapqtsphotostation603-exec.txt
id	PACKETSTORM:157857
last seen	2020-05-30
published	2020-05-28
reporter	Yunus YILDIRIM
source	https://packetstormsecurity.com/files/157857/QNAP-QTS-And-Photo-Station-6.0.3-Remote-Command-Execution.html
title	QNAP QTS And Photo Station 6.0.3 Remote Command Execution

Summary

Vulnerable Configurations

Packetstorm

References