All the vulnerabilites related to QNAP - Helpdesk in QTS
cve-2018-0714
Vulnerability from cvelistv5
Published
2018-08-13 13:00
Modified
2024-09-16 16:27
Severity ?
EPSS score ?
Summary
Command injection vulnerability in Helpdesk versions 1.1.21 and earlier in QNAP QTS 4.2.6 build 20180531, QTS 4.3.3 build 20180528, QTS 4.3.4 build 20180528 and their earlier versions could allow remote attackers to run arbitrary commands in the compromised application.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.qnap.com/zh-tw/security-advisory/nas-201808-13 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | QNAP | Helpdesk in QTS |
Version: Helpdesk versions 1.1.21 and earlier in QTS 4.2.6: build 20180531, QTS 4.3.3: build 20180528, QTS 4.3.4: build 20180528 and earlier versions |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:49.342Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.qnap.com/zh-tw/security-advisory/nas-201808-13"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Helpdesk in QTS",
"vendor": "QNAP",
"versions": [
{
"status": "affected",
"version": "Helpdesk versions 1.1.21 and earlier in QTS 4.2.6: build 20180531, QTS 4.3.3: build 20180528, QTS 4.3.4: build 20180528 and earlier versions"
}
]
}
],
"datePublic": "2018-08-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Command injection vulnerability in Helpdesk versions 1.1.21 and earlier in QNAP QTS 4.2.6 build 20180531, QTS 4.3.3 build 20180528, QTS 4.3.4 build 20180528 and their earlier versions could allow remote attackers to run arbitrary commands in the compromised application."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-13T12:57:01",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.qnap.com/zh-tw/security-advisory/nas-201808-13"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@qnap.com",
"DATE_PUBLIC": "2018-08-13T00:00:00",
"ID": "CVE-2018-0714",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Helpdesk in QTS",
"version": {
"version_data": [
{
"version_value": "Helpdesk versions 1.1.21 and earlier in QTS 4.2.6: build 20180531, QTS 4.3.3: build 20180528, QTS 4.3.4: build 20180528 and earlier versions"
}
]
}
}
]
},
"vendor_name": "QNAP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Command injection vulnerability in Helpdesk versions 1.1.21 and earlier in QNAP QTS 4.2.6 build 20180531, QTS 4.3.3 build 20180528, QTS 4.3.4 build 20180528 and their earlier versions could allow remote attackers to run arbitrary commands in the compromised application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.qnap.com/zh-tw/security-advisory/nas-201808-13",
"refsource": "CONFIRM",
"url": "https://www.qnap.com/zh-tw/security-advisory/nas-201808-13"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2018-0714",
"datePublished": "2018-08-13T13:00:00Z",
"dateReserved": "2017-11-28T00:00:00",
"dateUpdated": "2024-09-16T16:27:50.158Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}