CyberSec.Space Logo
Back to CVE Browser

CVE-2019-7183

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0560%
EPSS Percentile2.99th
PublishedDec 5, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

This improper link resolution vulnerability allows remote attackers to access system files. To fix this vulnerability, QNAP recommend updating QTS to their latest versions.

Affected Platforms (CPE)

πŸ’»
Qnap

Qts

= 4.2.6
πŸ’»
Qnap

Qts

= 4.3.3.0868
πŸ’»
Qnap

Qts

= 4.3.3.0998
πŸ’»
Qnap

Qts

= 4.3.4.0899
πŸ’»
Qnap

Qts

= 4.3.4.1029
πŸ’»
Qnap

Qts

= 4.3.6.0895
πŸ’»
Qnap

Qts

= 4.3.6.0907
πŸ’»
Qnap

Qts

= 4.3.6.0923
πŸ’»
Qnap

Qts

= 4.3.6.0944
πŸ’»
Qnap

Qts

= 4.3.6.0959
πŸ’»
Qnap

Qts

= 4.3.6.0979
πŸ’»
Qnap

Qts

= 4.3.6.0993
πŸ’»
Qnap

Qts

= 4.3.6.1013
πŸ’»
Qnap

Qts

= 4.3.6.1033
πŸ’»
Qnap

Qts

= 4.4.1.0948
πŸ’»
Qnap

Qts

= 4.4.1.0949
πŸ’»
Qnap

Qts

= 4.4.1.0978
πŸ’»
Qnap

Qts

= 4.4.1.0998
πŸ’»
Qnap

Qts

= 4.4.1.0999
πŸ’»
Qnap

Qts

= 4.4.1.1031
πŸ’»
Qnap

Qts

= 4.4.1.1033
πŸ’»
Qnap

Qts

= 4.4.1.1064
πŸ’»
Qnap

Qts

= 4.4.1.1081
πŸ’»
Qnap

Qts

= 4.4.1.1086
πŸ’»
Qnap

Qts

= 4.4.1.1101

References & Advisories

πŸ”— https://www.qnap.com/zh-tw/security-advisory/nas-201911-27
πŸ”— https://www.qnap.com/zh-tw/security-advisory/nas-201911-27

Related Vulnerabilities

CVE-2017-787610.0

This command injection vulnerability in QTS allows attackers to run arbitrary commands in the compromised application. QNAP have a...

CVE-2021-2879910.0

An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync. ) If exploited, th...

CVE-2018-07309.8

This command injection vulnerability in File Station allows attackers to execute commands on the affected device. To fix the vulne...

CVE-2018-199499.8

If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. QNAP has already fixed ...