PT-2019-18462 · Qnap · Qnap Netbak Replicator
Published
2019-12-04
·
Updated
2023-03-01
·
CVE-2019-7201
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
QNAP NetBak Replicator versions prior to 4.5.12.1108
Description
An unquoted service path issue affects the QVssService in QNAP NetBak Replicator, allowing an authorized but non-privileged local user to execute arbitrary code with elevated system privileges.
Recommendations
For versions prior to 4.5.12.1108, update to QNAP NetBak Replicator version 4.5.12.1108 to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Qnap Netbak Replicator