CVE-2018-14747

CWE-476NULL Pointer Dereference3 documents3 sources
Severity
7.5HIGH
EPSS
0.9%
top 24.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Qnap Qnap QTSQnap QTS
Timeline
PublishedNov 28
Latest updateMay 14

Description

NULL Pointer Dereference vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could allow remote attackers to crash the NAS media server.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDqnap/qts4 versions+3
CVEListV5qnap/qnap_qtsQTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions

🔴Vulnerability Details

2
GHSA
GHSA-qjhx-fg4j-47h8: NULL Pointer Dereference vulnerability in QTS 42022-05-14
CVEList
CVE-2018-14747: NULL Pointer Dereference vulnerability in QTS 42018-11-28
CVE-2018-14747 (HIGH CVSS 7.5) | NULL Pointer Dereference vulnerabil | cvebase.io