If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2490
Reference (s):
- https://www.qnap.com/en/security-advisory/qsa-20-09
- URL: https://www.qnap.com/en/security-advisory/qsa-20-09