Vulnerabilities > Qnap > QTS > 4.4.3

DATE CVE VULNERABILITY TITLE RISK
2020-12-10 CVE-2019-7198 Command Injection vulnerability in Qnap QTS and Quts Hero
This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application.
network
low complexity
qnap CWE-77
7.5
7.5
2020-11-16 CVE-2020-2492 Command Injection vulnerability in Qnap QTS
If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands.
network
low complexity
qnap CWE-77
6.5
6.5
2020-11-16 CVE-2020-2490 Command Injection vulnerability in Qnap QTS
If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands.
network
low complexity
qnap CWE-77
6.5
6.5
2020-11-02 CVE-2018-19952 SQL Injection vulnerability in Qnap Music Station
If exploited, this SQL injection vulnerability could allow remote attackers to obtain application information.
network
low complexity
qnap CWE-89
5.0
5.0