CVE-2019-7197

EPSS 0.30% · P54 Updated Feb 23, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2019-7197

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A stored cross-site scripting (XSS) vulnerability has been reported to affect multiple versions of QTS. If exploited, this vulnerability may allow an attacker to inject and execute scripts on the administrator console. To fix this vulnerability, QNAP recommend updating QTS to the latest version.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

QNAP Systems QNAP QTS 跨站脚本漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

QNAP Systems QNAP QTS是中国威联通（QNAP Systems）公司的一套Turbo NAS作业系统。该系统可提供档案储存、管理、备份，多媒体应用及安全监控等功能。 QNAP Systems QNAP QTS中存在跨站脚本漏洞。该漏洞源于WEB应用缺少对客户端数据的正确验证。攻击者可利用该漏洞执行客户端代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	QNAP NAS devices	QTS 4.4.1: before build 20190918, QTS 4.3.6: before build 20190919, QTS 4.3.4: before build 20190921, QTS 4.3.3: before build 20190921, QTS 4.2.6: before build 20190921	-

II. Public POCs for CVE-2019-7197

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2019-7197

请登录查看更多情报信息。

https://www.qnap.com/zh-tw/security-advisory/nas-201911-26x_refsource_CONFIRM
https://nvd.nist.gov/vuln/detail/CVE-2019-7197

Same Patch Batch · n/a · 2019-12-04 · 26 CVEs total

CVE-2019-19229		Fronius Solar Inverter 路径遍历漏洞
CVE-2019-18850		TrevorC2 信息泄露漏洞
CVE-2019-14909		Red Hat Keycloak 授权问题漏洞
CVE-2019-15638		COPA-DATA zenone32 zenon Editor 代码问题漏洞
CVE-2019-19555		Xfig fig2dev 缓冲区错误漏洞
CVE-2018-0728		Helpdesk 访问控制错误漏洞
CVE-2018-0729		QNAP Systems QNAP Music Station 注入漏洞
CVE-2018-0730		QNAP Systems QNAP QTS File Station 注入漏洞
CVE-2019-7201		QNAP Systems QNAP NetBak Replicator 代码问题漏洞
CVE-2019-18346		DAViCal 跨站请求伪造漏洞
CVE-2019-18347		DAViCal 跨站脚本漏洞
CVE-2019-19576		verot.net class.upload 代码问题漏洞
CVE-2019-19364		Sony Catalyst Production Suite和Catalyst Browse 代码问题漏洞
CVE-2019-19587		WSO2 Enterprise Integrator 跨站脚本漏洞
CVE-2019-19228		Fronius Solar Inverter 安全漏洞
CVE-2019-19133		WordPress CSS Hero 跨站脚本漏洞
CVE-2019-16753		Decentralized Anonymous Payment System 数据伪造问题漏洞
CVE-2019-16752		Decentralized Anonymous Payment System 跨站请求伪造漏洞
CVE-2019-11216		BMC Smart Reporting 代码问题漏洞
CVE-2019-19579		Xen 输入验证错误漏洞

Showing top 20 of 26 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: QNAP NAS devices

Same vendor: n/a

V. Comments for CVE-2019-7197

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2019-7197

I. Basic Information for CVE-2019-7197

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2019-7197

III. Intelligence Information for CVE-2019-7197

Same Patch Batch · n/a · 2019-12-04 · 26 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2019-7197

Leave a comment