CVE-2020-2509 - QNAP Network-Attached Storage (NAS) Command Injection Vulnerability
Project:QNAP
Product:QNAP Network-Attached Storage (NAS)
Date Added:2022-04-11Due Date:2022-05-02
Vulnerability Name
QNAP Network-Attached Storage (NAS) Command Injection Vulnerability
Description
QNAP NAS devices contain a command injection vulnerability which could allow attackers to perform remote code execution.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-2509