CVE-2018-0712
CVE-2018-0712
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 2.6%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
21 Jun 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Command injection vulnerability in LDAP Server in QNAP QTS 4.2.6 build 20171208, QTS 4.3.3 build 20180402, QTS 4.3.4 build 20180413 and their earlier versions could allow remote attackers to run arbitrary commands or install malware on the NAS.
Affected products
QNAP · LDAP Server in QTS