CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-13068

QNAP has already patched this vulnerability. This security concern allows a remote attacker to perform an SQL injection on the application and obtain Helpdesk application information. A remote attacker does not require any privileges to successfully execute this attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.012

EPSS Ranking 78.4%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://www.qnap.com/en/security-advisory/nas-201709-29
https://www.qnap.com/en/security-advisory/nas-201709-29

Products affected by CVE-2017-13068

Qnap » Qts Helpdesk » Version: 1.1.12

cpe:2.3:a:qnap:qts_helpdesk:1.1.12

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-13068

Products

Pricing

Contact Us