4.4.1.0949

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-10	CVE-2019-7198	Command Injection vulnerability in Qnap QTS and Quts Hero This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. network low complexity qnap CWE-77	7.5
2020-11-16	CVE-2020-2492	Command Injection vulnerability in Qnap QTS If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. network low complexity qnap CWE-77	6.5
2020-11-16	CVE-2020-2490	Command Injection vulnerability in Qnap QTS If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. network low complexity qnap CWE-77	6.5
2020-10-28	CVE-2018-19953	Cross-site Scripting vulnerability in Qnap QTS If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. network qnap CWE-79	4.3
2020-10-28	CVE-2018-19949	Command Injection vulnerability in Qnap QTS If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. network low complexity qnap CWE-77	7.5
2020-10-28	CVE-2018-19943	Cross-site Scripting vulnerability in Qnap QTS If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. network qnap CWE-79	3.5
2019-12-05	CVE-2019-7193	Improper Input Validation vulnerability in Qnap QTS This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system. network low complexity qnap CWE-20 critical	10.0
2019-12-05	CVE-2019-7183	Link Following vulnerability in Qnap QTS This improper link resolution vulnerability allows remote attackers to access system files. network low complexity qnap CWE-59	7.5
2019-12-04	CVE-2018-0730	Command Injection vulnerability in Qnap QTS This command injection vulnerability in File Station allows attackers to execute commands on the affected device. network low complexity qnap CWE-77	7.5