CVE-2020-2509

QNAP Network-Attached Storage (NAS) Command Injection Vulnerability

QNAP NAS devices contain a command injection vulnerability which could allow attackers to perform remote code execution. Vendor/Product: QNAP QNAP Network-Attached Storage (NAS). Added to CISA KEV 2022-04-11; required action: Apply updates per vendor instructions.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2020-2509