Compatibility

• QTS 4.3.3 is the final available firmware version for the following NAS models: TS-112P, TAS-168, TAS-268. QNAP will keep releasing security updates for these models until the end of support. For details, see https://www.qnap.com/en/product/eol.php.

Important Notes

• For the status of QTS updates and maintenance for your NAS model, visit https://www.qnap.com/en/product/eol.php

Fixed Issues

• Fixed a command injection vulnerability (CVE-2018-19949).
• Fixed a stored cross-site scripting vulnerability in user description (CVE-2018-19953).
• Fixed a stored cross-site scripting vulnerability in File Station (CVE-2018-19943).
• Fixed multiple vulnerabilities in PHP: arbitrary command injection (CVE-2018-19518), denial of service (CVE-2018-19935), and heap buffer over-read (CVE-2018-20783).
• Fixed a vulnerability concerning PHP unsupported version detection.