CVE-2018-0730

Summary

This command injection vulnerability in File Station allows attackers to execute commands on the affected device. To fix the vulnerability, QNAP recommend updating QTS to their latest versions.

Affected Software

VendorProductVersion RangeStatus
n/aQNAP NAS devicesQTS 4.4.1: before build 20190918, QTS 4.3.6: before build 20190328, QTS 4.3.4: before build 20190325, QTS 4.3.3: before build 20190325, QTS 4.2.6: before build 20190325affected

Weaknesses

  • Commend Injection

ADP Enrichment

CVE Program Container

Additional References

References