A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions: QTS 4.5.1.1456 build 20201015 (and later) QuTS hero h4.5.1.1472 build 20201031 (and later)
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.qnap.com/zh-tw/security-advisory/qsa-21-01 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: qnap
Published: 2021-01-11T14:24:02.569986Z
Updated: 2024-09-16T18:54:05.192Z
Reserved: 2019-12-09T00:00:00
Link: CVE-2020-2508
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-01-11T15:15:13.060
Modified: 2021-01-14T21:45:43.747
Link: CVE-2020-2508
Redhat
No data.