An OS command injection vulnerability has been reported...
Moderate severity
Unreviewed
Published
Nov 10, 2023
to the GitHub Advisory Database
•
Updated Nov 10, 2023
Description
Published by the National Vulnerability Database
Nov 10, 2023
Published to the GitHub Advisory Database
Nov 10, 2023
Last updated
Nov 10, 2023
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.0.1.2376 build 20230421 and later
QuTS hero h5.0.1.2376 build 20230421 and later
QuTScloud c5.1.0.2498 and later
References