cbcvebase.
CVE-2020-2509
published 2021-04-17

CVE-2020-2509: A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary…

PriorityP197critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
KEVITWEXPLOITRansomwareInitial access
CISA Known Exploited Vulnerabilitydue 2022-05-02
Exploited in the wild
EPSS
34.17%
98.2th percentile
A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 Build 20210202 and later QTS 4.5.1.1495 Build 20201123 and later QTS 4.3.6.1620 Build 20210322 and later QTS 4.3.4.1632 Build 20210324 and later QTS 4.3.3.1624 Build 20210416 and later QTS 4.2.6 Build 20210327 and later QuTS hero h4.5.1.1491 build 20201119 and later

Affected

79 ranges· showing 25
VendorProductVersion rangeFixed in
qnapqts< 4.2.64.2.6
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts

Detection & IOCsextracted from sources · hover to see the quote

  • Vulnerability class is command injection on QNAP QTS and QuTS hero NAS devices; monitor for unexpected process spawning from NAS web application processes (e.g., shell commands executed by the NAS management interface)
  • QNAP NAS devices exposed to the network should be monitored for anomalous outbound connections or remote code execution indicators, as this vulnerability enables RCE
  • ·Vulnerability affects multiple QTS and QuTS hero firmware branches; patched versions vary per branch — ensure version checks account for all affected lines (QTS 4.2.x, 4.3.3.x, 4.3.4.x, 4.3.6.x, 4.5.1.x, 4.5.2.x, and QuTS hero h4.5.1.x)
  • ·This vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog, indicating active in-the-wild exploitation; treat all unpatched QNAP NAS devices as actively at risk

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vulncheck9.8CRITICAL
cisa9.8CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.