PT-2018-9032 · Qnap · Qnap Qts
Publicado
2018-06-21
·
Atualizado
2019-10-03
·
CVE-2018-0712
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
QNAP QTS versions prior to 4.3.4 build 20180413
Description
A command injection issue in the LDAP Server of QNAP QTS could allow remote attackers to execute arbitrary commands or install malware on the NAS.
Recommendations
For QNAP QTS versions prior to 4.3.4 build 20180413, update to a version newer than 4.3.4 build 20180413 to resolve the issue.
Correção
Command Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Qnap Qts