Sign-up

ID

VAR-202011-1207


CVE

CVE-2018-19951


TITLE

QNAP Systems TS-870 cross-site scripting vulnerability

Trust: 1.2

sources: CNVD: CNVD-2020-62933 // CNNVD: CNNVD-201909-925

DESCRIPTION

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. This issue affects: QNAP Systems Inc. Music Station versions prior to 5.1.13; versions prior to 5.2.9; versions prior to 5.3.11. Music Station Exists in a cross-site scripting vulnerability.Information may be obtained and tampered with. QNAP Systems TS-870 is a NAS (Network Attached Storage) device of China QNAP Systems. The vulnerability stems from the lack of correct verification of client data in the WEB application. An attacker can use this vulnerability to execute client code

Trust: 2.25

sources: NVD: CVE-2018-19951 // JVNDB: JVNDB-2018-016470 // CNVD: CNVD-2020-62933 // VULMON: CVE-2018-19951

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-62933

AFFECTED PRODUCTS

vendor:qnapmodel:music stationscope:ltversion:5.2.9

Trust: 1.0

vendor:qnapmodel:music stationscope:gteversion:5.3.0

Trust: 1.0

vendor:qnapmodel:music stationscope:ltversion:5.3.11

Trust: 1.0

vendor:qnapmodel:music stationscope:ltversion:5.1.13

Trust: 1.0

vendor:qnapmodel:music stationscope:gteversion:5.2.0

Trust: 1.0

vendor:qnapmodel:music stationscope:eqversion:5.1.13

Trust: 0.8

vendor:qnapmodel:music stationscope:eqversion:5.2.9

Trust: 0.8

vendor:qnapmodel:music stationscope:eqversion:5.3.11

Trust: 0.8

vendor:qnapmodel:systems ts-870scope:eqversion:4.3.4.0486

Trust: 0.6

sources: CNVD: CNVD-2020-62933 // JVNDB: JVNDB-2018-016470 // NVD: CVE-2018-19951

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-19951
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2018-016470
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2020-62933
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201909-925
value: MEDIUM

Trust: 0.6

VULMON: CVE-2018-19951
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2018-19951
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2018-016470
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-62933
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2018-19951
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 2.7
version: 3.1

Trust: 1.0

NVD: JVNDB-2018-016470
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-62933 // VULMON: CVE-2018-19951 // JVNDB: JVNDB-2018-016470 // CNNVD: CNNVD-201909-925 // NVD: CVE-2018-19951

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.8

problemtype:CWE-80

Trust: 1.0

sources: JVNDB: JVNDB-2018-016470 // NVD: CVE-2018-19951

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201909-925

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201909-925

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-016470

PATCH
title:QSA-20-10url:https://www.qnap.com/en/security-advisory/qsa-20-10
Trust: 0.8
title: - url:https://github.com/Live-Hack-CVE/CVE-2018-19951 
Trust: 0.1
sources:
            
            
            VULMON: CVE-2018-19951 // 
            
            
            
            JVNDB: JVNDB-2018-016470

EXTERNAL IDS
db:NVDid:CVE-2018-19951
Trust: 3.1
db:JVNDBid:JVNDB-2018-016470
Trust: 0.8
db:CNVDid:CNVD-2020-62933
Trust: 0.6
db:CNNVDid:CNNVD-201909-925
Trust: 0.6
db:VULMONid:CVE-2018-19951
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2020-62933 // 
            
            
            
            VULMON: CVE-2018-19951 // 
            
            
            
            JVNDB: JVNDB-2018-016470 // 
            
            
            
            CNNVD: CNNVD-201909-925 // 
            
            
            
            NVD: CVE-2018-19951

REFERENCES
url:https://www.qnap.com/en/security-advisory/qsa-20-10
Trust: 2.3
url:https://nvd.nist.gov/vuln/detail/cve-2018-19951
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19951
Trust: 0.8
url:https://www.securityevaluators.com/whitepaper/sohopelessly-broken-2/
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/79.html
Trust: 0.1
url:https://github.com/live-hack-cve/cve-2018-19951
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2020-62933 // 
            
            
            
            VULMON: CVE-2018-19951 // 
            
            
            
            JVNDB: JVNDB-2018-016470 // 
            
            
            
            CNNVD: CNNVD-201909-925 // 
            
            
            
            NVD: CVE-2018-19951

CREDITS
Rick Ramgattie,Shaun Mirani, Joshua Meyer, and Ian Sindermann
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201909-925

SOURCES
db:CNVDid:CNVD-2020-62933
db:VULMONid:CVE-2018-19951
db:JVNDBid:JVNDB-2018-016470
db:CNNVDid:CNNVD-201909-925
db:NVDid:CVE-2018-19951

LAST UPDATE DATE
2024-11-23T22:20:59.617000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2020-62933date:2020-11-13T00:00:00
db:VULMONid:CVE-2018-19951date:2022-11-16T00:00:00
db:JVNDBid:JVNDB-2018-016470date:2020-11-30T06:10:21
db:CNNVDid:CNNVD-201909-925date:2020-11-04T00:00:00
db:NVDid:CVE-2018-19951date:2024-11-21T03:58:52.500

SOURCES RELEASE DATE
db:CNVDid:CNVD-2020-62933date:2020-11-13T00:00:00
db:VULMONid:CVE-2018-19951date:2020-11-02T00:00:00
db:JVNDBid:JVNDB-2018-016470date:2020-11-30T06:10:21
db:CNNVDid:CNNVD-201909-925date:2019-09-16T00:00:00
db:NVDid:CVE-2018-19951date:2020-11-02T16:15:13.100