← ExploitWatch
HomeExploited Vulnerabilities

CVE-2018-19949 — Actively Exploited: Network Attached Storage (NAS) (QNAP)

A command injection vulnerability affecting QNAP NAS File Station could allow remote attackers to run commands.

CVE IDCVE-2018-19949
VendorQNAP
ProductNetwork Attached Storage (NAS)
Vulnerability nameQNAP NAS File Station Command Injection Vulnerability
Date added2022-05-24
Remediation due2022-06-14
Known ransomware useKnown
Required actionApply updates per vendor instructions.
DescriptionA command injection vulnerability affecting QNAP NAS File Station could allow remote attackers to run commands.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →