Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-19942

A cross-site scripting (XSS) vulnerability has been reported to affect earlier versions of File Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 build 20210202 (and later) QTS 4.5.1.1456 build 20201015 (and later) QTS 4.3.6.1446 build 20200929 (and later) QTS 4.3.4.1463 build 20201006 (and later) QTS 4.3.3.1432 build 20201006 (and later) QTS 4.2.6 build 20210327 (and later) QuTS hero h4.5.1.1472 build 20201031 (and later) QuTScloud c4.5.4.1601 build 20210309 (and later) QuTScloud c4.5.3.1454 build 20201013 (and later)

Published

2021-04-16T01:15:12.020

Last Modified

2024-11-21T03:58:51.297

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.1 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

8.6

Impact Score

2.9

Weaknesses

Type: Secondary
CWE-79
CWE-80
Type: Primary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	qnap	qts	< 4.2.6	Yes
Operating System	qnap	qts	< 4.3.6	Yes
Operating System	qnap	qts	< 4.5.1	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.3.3	Yes
Operating System	qnap	qts	4.3.3.0095	Yes
Operating System	qnap	qts	4.3.3.0096	Yes
Operating System	qnap	qts	4.3.3.0136	Yes
Operating System	qnap	qts	4.3.3.0154	Yes
Operating System	qnap	qts	4.3.3.0174	Yes
Operating System	qnap	qts	4.3.3.0188	Yes
Operating System	qnap	qts	4.3.3.0210	Yes
Operating System	qnap	qts	4.3.3.0229	Yes
Operating System	qnap	qts	4.3.3.0238	Yes
Operating System	qnap	qts	4.3.3.0262	Yes
Operating System	qnap	qts	4.3.3.0299	Yes
Operating System	qnap	qts	4.3.3.0351	Yes
Operating System	qnap	qts	4.3.3.0353	Yes
Operating System	qnap	qts	4.3.3.0361	Yes
Operating System	qnap	qts	4.3.3.0369	Yes
Operating System	qnap	qts	4.3.3.0378	Yes
Operating System	qnap	qts	4.3.3.0396	Yes
Operating System	qnap	qts	4.3.3.0404	Yes
Operating System	qnap	qts	4.3.3.0416	Yes
Operating System	qnap	qts	4.3.3.0418	Yes
Operating System	qnap	qts	4.3.3.0448	Yes
Operating System	qnap	qts	4.3.3.0514	Yes
Operating System	qnap	qts	4.3.3.0546	Yes
Operating System	qnap	qts	4.3.3.0570	Yes
Operating System	qnap	qts	4.3.3.0868	Yes
Operating System	qnap	qts	4.3.3.0998	Yes
Operating System	qnap	qts	4.3.3.1051	Yes
Operating System	qnap	qts	4.3.3.1098	Yes
Operating System	qnap	qts	4.3.3.1161	Yes
Operating System	qnap	qts	4.3.3.1252	Yes
Operating System	qnap	qts	4.3.3.1315	Yes
Operating System	qnap	qts	4.3.3.1386	Yes
Operating System	qnap	qts	4.3.4	Yes
Operating System	qnap	qts	4.3.4.0358	Yes
Operating System	qnap	qts	4.3.4.0358	Yes
Operating System	qnap	qts	4.3.4.0370	Yes
Operating System	qnap	qts	4.3.4.0370	Yes
Operating System	qnap	qts	4.3.4.0372	Yes
Operating System	qnap	qts	4.3.4.0372	Yes
Operating System	qnap	qts	4.3.4.0374	Yes
Operating System	qnap	qts	4.3.4.0374	Yes
Operating System	qnap	qts	4.3.4.0387	Yes
Operating System	qnap	qts	4.3.4.0387	Yes
Operating System	qnap	qts	4.3.4.0411	Yes
Operating System	qnap	qts	4.3.4.0416	Yes
Operating System	qnap	qts	4.3.4.0427	Yes
Operating System	qnap	qts	4.3.4.0434	Yes
Operating System	qnap	qts	4.3.4.0435	Yes
Operating System	qnap	qts	4.3.4.0451	Yes
Operating System	qnap	qts	4.3.4.0483	Yes
Operating System	qnap	qts	4.3.4.0486	Yes
Operating System	qnap	qts	4.3.4.0506	Yes
Operating System	qnap	qts	4.3.4.0516	Yes
Operating System	qnap	qts	4.3.4.0526	Yes
Operating System	qnap	qts	4.3.4.0551	Yes
Operating System	qnap	qts	4.3.4.0557	Yes
Operating System	qnap	qts	4.3.4.0561	Yes
Operating System	qnap	qts	4.3.4.0569	Yes
Operating System	qnap	qts	4.3.4.0593	Yes
Operating System	qnap	qts	4.3.4.0597	Yes
Operating System	qnap	qts	4.3.4.0604	Yes
Operating System	qnap	qts	4.3.4.0899	Yes
Operating System	qnap	qts	4.3.4.1029	Yes
Operating System	qnap	qts	4.3.4.1082	Yes
Operating System	qnap	qts	4.3.4.1190	Yes
Operating System	qnap	qts	4.3.4.1282	Yes
Operating System	qnap	qts	4.3.4.1368	Yes
Operating System	qnap	qts	4.3.4.1417	Yes
Operating System	qnap	qts	4.3.6	Yes
Operating System	qnap	qts	4.3.6.0895	Yes
Operating System	qnap	qts	4.3.6.0907	Yes
Operating System	qnap	qts	4.3.6.0923	Yes
Operating System	qnap	qts	4.3.6.0944	Yes
Operating System	qnap	qts	4.3.6.0959	Yes
Operating System	qnap	qts	4.3.6.0979	Yes
Operating System	qnap	qts	4.3.6.0993	Yes
Operating System	qnap	qts	4.3.6.1013	Yes
Operating System	qnap	qts	4.3.6.1033	Yes
Operating System	qnap	qts	4.3.6.1070	Yes
Operating System	qnap	qts	4.3.6.1154	Yes
Operating System	qnap	qts	4.3.6.1218	Yes
Operating System	qnap	qts	4.3.6.1263	Yes
Operating System	qnap	qts	4.3.6.1286	Yes
Operating System	qnap	qts	4.3.6.1333	Yes
Operating System	qnap	qts	4.3.6.1411	Yes
Operating System	qnap	qts	4.5.1	Yes
Operating System	qnap	qts	4.5.2	Yes
Operating System	qnap	quts_hero	< h4.5.1	Yes
Operating System	qnap	quts_hero	h4.5.1	Yes
Operating System	qnap	quts_hero	h4.5.1	Yes
Operating System	qnap	qutscloud	< c4.5.3	Yes
Operating System	qnap	qutscloud	c4.5.3	Yes
Operating System	qnap	qutscloud	c4.5.4	Yes

References

https://www.qnap.com/zh-tw/security-advisory/qsa-21-04 Vendor Advisory ([email protected])
https://www.qnap.com/zh-tw/security-advisory/qsa-21-04 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)