A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions: QTS 4.5.1.1456 build 20201015 (and later) QuTS hero h4.5.1.1472 build 20201031 (and later)
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: qnap

Published: 2021-01-11T14:24:02.569986Z

Updated: 2024-09-16T18:54:05.192Z

Reserved: 2019-12-09T00:00:00

Link: CVE-2020-2508

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2021-01-11T15:15:13.060

Modified: 2021-01-14T21:45:43.747

Link: CVE-2020-2508

cve-icon Redhat

No data.