CVE-2020-2507
published 2021-02-03CVE-2020-2507: The vulnerability have been reported to affect earlier versions of QTS. If exploited, this command injection vulnerability could allow remote attackers to run…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
The vulnerability have been reported to affect earlier versions of QTS. If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.3.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| qnap | helpdesk | < 3.0.3 | 3.0.3 |
| qnap_systems_inc | helpdesk | >= unspecified < 3.0.3 | 3.0.3 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vulncheck9.8CRITICAL