Описание
A command injection vulnerability has been reported to affect QuNetSwitch. If a remote attacker gains a user account, they can then exploit the vulnerability to execute arbitrary commands.
We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.5.0906 and later
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 2.0.1.13077 (включая) до 2.0.5.0906 (включая)
cpe:2.3:a:qnap:qunetswitch:*:*:*:*:*:*:*:*
EPSS
Процентиль: 58%
0.0036
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 9.8
github
18 дней назад
A command injection vulnerability has been reported to affect QuNetSwitch. If a remote attacker gains a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.5.0906 and later
EPSS
Процентиль: 58%
0.0036
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-78