CVE-2018-0730 β€” Command Injection in Qnap QTS

CWE-77 β€” Command Injection5 documents4 sources
Severity
9.8CRITICALNVD
EPSS
1.0%
top 22.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Qnap QTS
Timeline
PublishedDec 4
Latest updateMay 24

Description

This command injection vulnerability in File Station allows attackers to execute commands on the affected device. To fix the vulnerability, QNAP recommend updating QTS to their latest versions.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

β–ΆNVDqnap/qts25 versions+24

πŸ”΄Vulnerability Details

2
GHSA
GHSA-2cm3-h7wr-fg9v: This command injection vulnerability in File Station allows attackers to execute commands on the affected device↗2022-05-24
β–Ά
CVEList
CVE-2018-0730: This command injection vulnerability in File Station allows attackers to execute commands on the affected device↗2019-12-04
β–Ά
CVE-2018-0730 β€” Command Injection in Qnap QTS | cvebase