Vulnerability Database

289,689

Total vulnerabilities in the database

CVE-2017-7876

This command injection vulnerability in QTS allows attackers to run arbitrary commands in the compromised application. QNAP have already fixed the issue in QTS 4.2.6 build 20170517, QTS 4.3.3.0174 build 20170503 and later versions.

  • Published: Jun 15, 2017
  • Updated: May 19, 2024
  • CVE: CVE-2017-7876
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

OWASP TOP 10:

Software From Fixed in
qnap / qts - 4.2.6.x