CVE-2020-25847

This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions of QTS and QuTS hero. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt