CVE-2018-19953
published 2020-10-28CVE-2018-19953: If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed the issue in the following…
PriorityP181medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
KEVITWRansomware
CISA Known Exploited Vulnerabilitydue 2022-06-14
Exploited in the wild
EPSS
23.89%
97.5th percentile
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed the issue in the following QTS versions. QTS 4.4.2.1231 on build 20200302; QTS 4.4.1.1201 on build 20200130; QTS 4.3.6.1218 on build 20200214; QTS 4.3.4.1190 on build 20200107; QTS 4.3.3.1161 on build 20200109; QTS 4.2.6 on build 20200109.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| qnap | qts | < 4.2.6 | 4.2.6 |
| qnap | qts | — | — |
| qnap | qts | >= 4.3.1.0013 < 4.3.3.1161 | 4.3.3.1161 |
| qnap | qts | >= 4.3.4 < 4.3.4.1190 | 4.3.4.1190 |
| qnap | qts | >= 4.3.6 < 4.3.6.1218 | 4.3.6.1218 |
| qnap | qts | >= 4.4.0 < 4.4.1.1201 | 4.4.1.1201 |
| qnap | qts | >= 4.4.2 < 4.4.2.1231 | 4.4.2.1231 |
| qnap_systems_inc | qts | >= unspecified < 4.4.2.1231 | 4.4.2.1231 |
| qnap_systems_inc | qts | >= unspecified < 4.4.1.1201 | 4.4.1.1201 |
| qnap_systems_inc | qts | >= unspecified < 4.3.6.1218 | 4.3.6.1218 |
| qnap_systems_inc | qts | >= unspecified < 4.3.4.1190 | 4.3.4.1190 |
| qnap_systems_inc | qts | >= unspecified < 4.3.3.1161 | 4.3.3.1161 |
| qnap_systems_inc | qts | >= unspecified < 4.2.6 | 4.2.6 |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability target is QNAP NAS File Station — HTTP requests to File Station endpoints should be inspected for injected script content in parameters ↗
- ·Fixed in QTS 4.4.2.1231 build 20200302; QTS 4.4.1.1201 build 20200130; QTS 4.3.6.1218 build 20200214; QTS 4.3.4.1190 build 20200107; QTS 4.3.3.1161 build 20200109; QTS 4.2.6 build 20200109 — any QNAP NAS running versions prior to these builds remains vulnerable ↗
CVSS provenance
nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
vulncheck6.1MEDIUM
cisa6.1MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-8h8x-7j55-4jp9: If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code
ghsa_unreviewed·2022-05-24
CVE-2018-19953 [MEDIUM] CWE-79 GHSA-8h8x-7j55-4jp9: If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed the issue in the following QTS versions. QTS 4.4.2.1231 on build 20200302; QTS 4.4.1.1201 on build 20200130; QTS 4.3.6.1218 on build 20200214; QTS 4.3.4.1190 on build 20200107; QTS 4.3.3.1161 on build 20200109; QTS 4.2.6 on build 20200109.
VulnCheck
QNAP NAS File Station Cross-Site Scripting Vulnerability
vulncheck·2018·CVSS 6.1
CVE-2018-19953 [MEDIUM] CWE-79 QNAP NAS File Station Cross-Site Scripting Vulnerability
QNAP NAS File Station Cross-Site Scripting Vulnerability
A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious code.
Affected: QNAP QNAP Network-Attached Storage (NAS)
Required Action: Apply updates per vendor instructions.
Known Ransomware Campaign Use: Known
Exploitation References: https://cybersecurityworks.com/howdymanage/uploads/file/ransomware-_-2022-spotlight-report_compressed.pdf; https://cybersecurityworks.com/howdymanage/uploads/file/RansomwareUpdate%20Report%202022%20Q1.pdf; https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
Remediation Due: 2022-06-14
CISA
QNAP NAS File Station Cross-Site Scripting Vulnerability
cisa·2022-05-24·CVSS 6.1
CVE-2018-19953 [MEDIUM] CWE-79 QNAP NAS File Station Cross-Site Scripting Vulnerability
Vulnerability: QNAP NAS File Station Cross-Site Scripting Vulnerability
Affected: QNAP Network Attached Storage (NAS)
A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious code.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-19953
Remediation Due Date: 2022-06-14
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2020-10-28
Published
2022-05-24
Added to CISA KEV
Exploited in the wild