This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system. To fix the vulnerability, QNAP recommend updating QTS to their latest versions.
2019-12-05T17:15:13.027
2025-02-13T14:16:18.827
Analyzed
CVSSv3.1: 9.8 (CRITICAL)
AV:N/AC:L/Au:N/C:C/I:C/A:C
10.0
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | qnap | qts | 4.3.6.0895 | Yes |
| Operating System | qnap | qts | 4.3.6.0907 | Yes |
| Operating System | qnap | qts | 4.3.6.0923 | Yes |
| Operating System | qnap | qts | 4.3.6.0944 | Yes |
| Operating System | qnap | qts | 4.3.6.0959 | Yes |
| Operating System | qnap | qts | 4.3.6.0979 | Yes |
| Operating System | qnap | qts | 4.3.6.0993 | Yes |
| Operating System | qnap | qts | 4.3.6.1013 | Yes |
| Operating System | qnap | qts | 4.3.6.1033 | Yes |
| Operating System | qnap | qts | 4.4.1.0948 | Yes |
| Operating System | qnap | qts | 4.4.1.0949 | Yes |
| Operating System | qnap | qts | 4.4.1.0978 | Yes |
| Operating System | qnap | qts | 4.4.1.0998 | Yes |
| Operating System | qnap | qts | 4.4.1.0999 | Yes |
| Operating System | qnap | qts | 4.4.1.1031 | Yes |
| Operating System | qnap | qts | 4.4.1.1033 | Yes |