Vulnerabilities > Qnap > QTS > 4.3.6.0923

DATE CVE VULNERABILITY TITLE RISK
2020-10-28 CVE-2018-19949 Command Injection vulnerability in Qnap QTS
If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands.
network
low complexity
qnap CWE-77
critical
 9.8
9.8
2020-10-28 CVE-2018-19943 Cross-site Scripting vulnerability in Qnap QTS
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code.
network
low complexity
qnap CWE-79
5.4
5.4
2019-12-05 CVE-2019-7193 Unspecified vulnerability in Qnap QTS
This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system.
network
low complexity
qnap
critical
 9.8
9.8
2019-12-05 CVE-2019-7183 Link Following vulnerability in Qnap QTS
This improper link resolution vulnerability allows remote attackers to access system files.
network
low complexity
qnap CWE-59
critical
 9.8
9.8
2019-12-04 CVE-2018-0730 Command Injection vulnerability in Qnap QTS
This command injection vulnerability in File Station allows attackers to execute commands on the affected device.
network
low complexity
qnap CWE-77
critical
 9.8
9.8