Vulnerabilities > Qnap > QTS > 4.3.3.0998

DATE CVE VULNERABILITY TITLE RISK
2020-10-28 CVE-2018-19949 Command Injection vulnerability in Qnap QTS
If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands.
network
low complexity
qnap CWE-77
critical
 9.8
9.8
2020-10-28 CVE-2018-19943 Cross-site Scripting vulnerability in Qnap QTS
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code.
network
low complexity
qnap CWE-79
5.4
5.4
2019-12-05 CVE-2019-7183 Link Following vulnerability in Qnap QTS
This improper link resolution vulnerability allows remote attackers to access system files.
network
low complexity
qnap CWE-59
critical
 9.8
9.8
2019-12-04 CVE-2018-0730 Command Injection vulnerability in Qnap QTS
This command injection vulnerability in File Station allows attackers to execute commands on the affected device.
network
low complexity
qnap CWE-77
critical
 9.8
9.8
2018-06-21 CVE-2018-0712 Command Injection vulnerability in Qnap QTS
Command injection vulnerability in LDAP Server in QNAP QTS 4.2.6 build 20171208, QTS 4.3.3 build 20180402, QTS 4.3.4 build 20180413 and their earlier versions could allow remote attackers to run arbitrary commands or install malware on the NAS.
network
low complexity
qnap CWE-77
critical
 9.8
9.8