CVE-2020-2509 | Cybersecurity Alerts | Nexus IT Services, LLC

← Back to Cybersecurity Alerts

CVE-2020-2509

QNAP | QNAP Network-Attached Storage (NAS)Added 2022-04-11Remediation Deadline 2022-05-02

QNAP Network-Attached Storage (NAS) Command Injection Vulnerability

QNAP NAS devices contain a command injection vulnerability which could allow attackers to perform remote code execution.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-77

CWE-78

References

https://nvd.nist.gov/vuln/detail/CVE-2020-2509