CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-19943

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed these issues in the following QTS versions. QTS 4.4.2.1270 build 20200410 and later QTS 4.4.1.1261 build 20200330 and later QTS 4.3.6.1263 build 20200330 and later QTS 4.3.4.1282 build 20200408 and later QTS 4.3.3.1252 build 20200409 and later QTS 4.2.6 build 20200421 and later

Exploit prediction scoring system (EPSS) score

EPSS Score 0.103

EPSS Ranking 92.8%

CVSS Severity

CVSS v3 Score 8.0

CVSS v2 Score 3.5

Proposed Action

A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious code.

Ransomware Campaign

Known

References

Products affected by CVE-2018-19943

Qnap » Qts » Version: N/A

cpe:2.3:o:qnap:qts:-
Qnap » Qts » Version: 4.0

cpe:2.3:o:qnap:qts:4.0
Qnap » Qts » Version: 4.0.3

cpe:2.3:o:qnap:qts:4.0.3
Qnap » Qts » Version: 4.1.0

cpe:2.3:o:qnap:qts:4.1.0
Qnap » Qts » Version: 4.1.1

cpe:2.3:o:qnap:qts:4.1.1
Qnap » Qts » Version: 4.1.4

cpe:2.3:o:qnap:qts:4.1.4
Qnap » Qts » Version: 4.2.0

cpe:2.3:o:qnap:qts:4.2.0
Qnap » Qts » Version: 4.2.1

cpe:2.3:o:qnap:qts:4.2.1
Qnap » Qts » Version: 4.2.2

cpe:2.3:o:qnap:qts:4.2.2
Qnap » Qts » Version: 4.2.3

cpe:2.3:o:qnap:qts:4.2.3
Qnap » Qts » Version: 4.2.4

cpe:2.3:o:qnap:qts:4.2.4
Qnap » Qts » Version: 4.2.6

cpe:2.3:o:qnap:qts:4.2.6
Qnap » Qts » Version: 4.3.1.0013

cpe:2.3:o:qnap:qts:4.3.1.0013
Qnap » Qts » Version: 4.3.1.0023

cpe:2.3:o:qnap:qts:4.3.1.0023
Qnap » Qts » Version: 4.3.2.0050

cpe:2.3:o:qnap:qts:4.3.2.0050
Qnap » Qts » Version: 4.3.2.0060

cpe:2.3:o:qnap:qts:4.3.2.0060
Qnap » Qts » Version: 4.3.2.0144

cpe:2.3:o:qnap:qts:4.3.2.0144
Qnap » Qts » Version: 4.3.3

cpe:2.3:o:qnap:qts:4.3.3
Qnap » Qts » Version: 4.3.3.0095

cpe:2.3:o:qnap:qts:4.3.3.0095
Qnap » Qts » Version: 4.3.3.0096

cpe:2.3:o:qnap:qts:4.3.3.0096
Qnap » Qts » Version: 4.3.3.0136

cpe:2.3:o:qnap:qts:4.3.3.0136
Qnap » Qts » Version: 4.3.3.0154

cpe:2.3:o:qnap:qts:4.3.3.0154
Qnap » Qts » Version: 4.3.3.0174

cpe:2.3:o:qnap:qts:4.3.3.0174
Qnap » Qts » Version: 4.3.3.0188

cpe:2.3:o:qnap:qts:4.3.3.0188
Qnap » Qts » Version: 4.3.3.0210

cpe:2.3:o:qnap:qts:4.3.3.0210
Qnap » Qts » Version: 4.3.3.0229

cpe:2.3:o:qnap:qts:4.3.3.0229
Qnap » Qts » Version: 4.3.3.0238

cpe:2.3:o:qnap:qts:4.3.3.0238
Qnap » Qts » Version: 4.3.3.0262

cpe:2.3:o:qnap:qts:4.3.3.0262
Qnap » Qts » Version: 4.3.3.0299

cpe:2.3:o:qnap:qts:4.3.3.0299
Qnap » Qts » Version: 4.3.3.0351

cpe:2.3:o:qnap:qts:4.3.3.0351
Qnap » Qts » Version: 4.3.3.0353

cpe:2.3:o:qnap:qts:4.3.3.0353
Qnap » Qts » Version: 4.3.3.0361

cpe:2.3:o:qnap:qts:4.3.3.0361
Qnap » Qts » Version: 4.3.3.0369

cpe:2.3:o:qnap:qts:4.3.3.0369
Qnap » Qts » Version: 4.3.3.0378

cpe:2.3:o:qnap:qts:4.3.3.0378
Qnap » Qts » Version: 4.3.3.0396

cpe:2.3:o:qnap:qts:4.3.3.0396
Qnap » Qts » Version: 4.3.3.0404

cpe:2.3:o:qnap:qts:4.3.3.0404
Qnap » Qts » Version: 4.3.3.0416

cpe:2.3:o:qnap:qts:4.3.3.0416
Qnap » Qts » Version: 4.3.3.0418

cpe:2.3:o:qnap:qts:4.3.3.0418
Qnap » Qts » Version: 4.3.3.0448

cpe:2.3:o:qnap:qts:4.3.3.0448
Qnap » Qts » Version: 4.3.3.0514

cpe:2.3:o:qnap:qts:4.3.3.0514
Qnap » Qts » Version: 4.3.3.0546

cpe:2.3:o:qnap:qts:4.3.3.0546
Qnap » Qts » Version: 4.3.3.0570

cpe:2.3:o:qnap:qts:4.3.3.0570
Qnap » Qts » Version: 4.3.3.0868

cpe:2.3:o:qnap:qts:4.3.3.0868
Qnap » Qts » Version: 4.3.3.0998

cpe:2.3:o:qnap:qts:4.3.3.0998
Qnap » Qts » Version: 4.3.3.1051

cpe:2.3:o:qnap:qts:4.3.3.1051
Qnap » Qts » Version: 4.3.3.1098

cpe:2.3:o:qnap:qts:4.3.3.1098
Qnap » Qts » Version: 4.3.3.1161

cpe:2.3:o:qnap:qts:4.3.3.1161
Qnap » Qts » Version: 4.3.4

cpe:2.3:o:qnap:qts:4.3.4
Qnap » Qts » Version: 4.3.4.0358

cpe:2.3:o:qnap:qts:4.3.4.0358
Qnap » Qts » Version: 4.3.4.0370

cpe:2.3:o:qnap:qts:4.3.4.0370
Qnap » Qts » Version: 4.3.4.0372

cpe:2.3:o:qnap:qts:4.3.4.0372
Qnap » Qts » Version: 4.3.4.0374

cpe:2.3:o:qnap:qts:4.3.4.0374
Qnap » Qts » Version: 4.3.4.0387

cpe:2.3:o:qnap:qts:4.3.4.0387
Qnap » Qts » Version: 4.3.4.0411

cpe:2.3:o:qnap:qts:4.3.4.0411
Qnap » Qts » Version: 4.3.4.0416

cpe:2.3:o:qnap:qts:4.3.4.0416
Qnap » Qts » Version: 4.3.4.0427

cpe:2.3:o:qnap:qts:4.3.4.0427
Qnap » Qts » Version: 4.3.4.0434

cpe:2.3:o:qnap:qts:4.3.4.0434
Qnap » Qts » Version: 4.3.4.0435

cpe:2.3:o:qnap:qts:4.3.4.0435
Qnap » Qts » Version: 4.3.4.0451

cpe:2.3:o:qnap:qts:4.3.4.0451
Qnap » Qts » Version: 4.3.4.0483

cpe:2.3:o:qnap:qts:4.3.4.0483
Qnap » Qts » Version: 4.3.4.0486

cpe:2.3:o:qnap:qts:4.3.4.0486
Qnap » Qts » Version: 4.3.4.0506

cpe:2.3:o:qnap:qts:4.3.4.0506
Qnap » Qts » Version: 4.3.4.0516

cpe:2.3:o:qnap:qts:4.3.4.0516
Qnap » Qts » Version: 4.3.4.0526

cpe:2.3:o:qnap:qts:4.3.4.0526
Qnap » Qts » Version: 4.3.4.0551

cpe:2.3:o:qnap:qts:4.3.4.0551
Qnap » Qts » Version: 4.3.4.0557

cpe:2.3:o:qnap:qts:4.3.4.0557
Qnap » Qts » Version: 4.3.4.0561

cpe:2.3:o:qnap:qts:4.3.4.0561
Qnap » Qts » Version: 4.3.4.0569

cpe:2.3:o:qnap:qts:4.3.4.0569
Qnap » Qts » Version: 4.3.4.0593

cpe:2.3:o:qnap:qts:4.3.4.0593
Qnap » Qts » Version: 4.3.4.0597

cpe:2.3:o:qnap:qts:4.3.4.0597
Qnap » Qts » Version: 4.3.4.0604

cpe:2.3:o:qnap:qts:4.3.4.0604
Qnap » Qts » Version: 4.3.4.0899

cpe:2.3:o:qnap:qts:4.3.4.0899
Qnap » Qts » Version: 4.3.4.1029

cpe:2.3:o:qnap:qts:4.3.4.1029
Qnap » Qts » Version: 4.3.4.1082

cpe:2.3:o:qnap:qts:4.3.4.1082
Qnap » Qts » Version: 4.3.4.1190

cpe:2.3:o:qnap:qts:4.3.4.1190
Qnap » Qts » Version: 4.3.6

cpe:2.3:o:qnap:qts:4.3.6
Qnap » Qts » Version: 4.3.6.0895

cpe:2.3:o:qnap:qts:4.3.6.0895
Qnap » Qts » Version: 4.3.6.0907

cpe:2.3:o:qnap:qts:4.3.6.0907
Qnap » Qts » Version: 4.3.6.0923

cpe:2.3:o:qnap:qts:4.3.6.0923
Qnap » Qts » Version: 4.3.6.0944

cpe:2.3:o:qnap:qts:4.3.6.0944
Qnap » Qts » Version: 4.3.6.0959

cpe:2.3:o:qnap:qts:4.3.6.0959
Qnap » Qts » Version: 4.3.6.0979

cpe:2.3:o:qnap:qts:4.3.6.0979
Qnap » Qts » Version: 4.3.6.0993

cpe:2.3:o:qnap:qts:4.3.6.0993
Qnap » Qts » Version: 4.3.6.1013

cpe:2.3:o:qnap:qts:4.3.6.1013
Qnap » Qts » Version: 4.3.6.1033

cpe:2.3:o:qnap:qts:4.3.6.1033
Qnap » Qts » Version: 4.3.6.1070

cpe:2.3:o:qnap:qts:4.3.6.1070
Qnap » Qts » Version: 4.3.6.1154

cpe:2.3:o:qnap:qts:4.3.6.1154
Qnap » Qts » Version: 4.3.6.1218

cpe:2.3:o:qnap:qts:4.3.6.1218
Qnap » Qts » Version: 4.4.0

cpe:2.3:o:qnap:qts:4.4.0
Qnap » Qts » Version: 4.4.0.0883

cpe:2.3:o:qnap:qts:4.4.0.0883
Qnap » Qts » Version: 4.4.0.0931

cpe:2.3:o:qnap:qts:4.4.0.0931
Qnap » Qts » Version: 4.4.0.0979

cpe:2.3:o:qnap:qts:4.4.0.0979
Qnap » Qts » Version: 4.4.1

cpe:2.3:o:qnap:qts:4.4.1
Qnap » Qts » Version: 4.4.1.0948

cpe:2.3:o:qnap:qts:4.4.1.0948
Qnap » Qts » Version: 4.4.1.0949

cpe:2.3:o:qnap:qts:4.4.1.0949
Qnap » Qts » Version: 4.4.1.0978

cpe:2.3:o:qnap:qts:4.4.1.0978
Qnap » Qts » Version: 4.4.1.0998

cpe:2.3:o:qnap:qts:4.4.1.0998
Qnap » Qts » Version: 4.4.1.0999

cpe:2.3:o:qnap:qts:4.4.1.0999
Qnap » Qts » Version: 4.4.1.1031

cpe:2.3:o:qnap:qts:4.4.1.1031
Qnap » Qts » Version: 4.4.1.1033

cpe:2.3:o:qnap:qts:4.4.1.1033
Qnap » Qts » Version: 4.4.1.1064

cpe:2.3:o:qnap:qts:4.4.1.1064
Qnap » Qts » Version: 4.4.1.1081

cpe:2.3:o:qnap:qts:4.4.1.1081
Qnap » Qts » Version: 4.4.1.1086

cpe:2.3:o:qnap:qts:4.4.1.1086
Qnap » Qts » Version: 4.4.1.1101

cpe:2.3:o:qnap:qts:4.4.1.1101
Qnap » Qts » Version: 4.4.1.1117

cpe:2.3:o:qnap:qts:4.4.1.1117
Qnap » Qts » Version: 4.4.1.1146

cpe:2.3:o:qnap:qts:4.4.1.1146
Qnap » Qts » Version: 4.4.1.1201

cpe:2.3:o:qnap:qts:4.4.1.1201
Qnap » Qts » Version: 4.4.1.1216

cpe:2.3:o:qnap:qts:4.4.1.1216
Qnap » Qts » Version: 4.4.2

cpe:2.3:o:qnap:qts:4.4.2
Qnap » Qts » Version: 4.4.2.1231

cpe:2.3:o:qnap:qts:4.4.2.1231

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-19943

Products

Pricing

Contact Us