CVE-2019-7183

This improper link resolution vulnerability allows remote attackers to access system files. To fix this vulnerability, QNAP recommend updating QTS to their latest versions.
Link Following
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
qnapCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 78%
VendorProductVersion
qnapqts
4.2.6
qnapqts
4.3.3.0868
qnapqts
4.3.3.0998
qnapqts
4.3.4.0899
qnapqts
4.3.4.1029
qnapqts
4.3.6.0895
qnapqts
4.3.6.0907
qnapqts
4.3.6.0923
qnapqts
4.3.6.0944
qnapqts
4.3.6.0959
qnapqts
4.3.6.0979
qnapqts
4.3.6.0993
qnapqts
4.3.6.1013
qnapqts
4.3.6.1033
qnapqts
4.4.1.0948:beta
qnapqts
4.4.1.0949:beta
qnapqts
4.4.1.0978:beta_2
qnapqts
4.4.1.0998:beta_3
qnapqts
4.4.1.0999:beta_3
qnapqts
4.4.1.1031:beta_4
qnapqts
4.4.1.1033:beta_4
qnapqts
4.4.1.1064
qnapqts
4.4.1.1081
qnapqts
4.4.1.1086
qnapqts
4.4.1.1101
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.qnap.com/zh-tw/security-advisory/nas-201911-27
https://www.qnap.com/zh-tw/security-advisory/nas-201911-27