2 results (0.022 seconds)

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. Roon Labs has already fixed this vulnerability in the following versions: Roon Server 2021-05-18 and later Si se explota, esta vulnerabilidad de inyección de comandos podría permitir a los atacantes remotos ejecutar comandos arbitrarios. Roon Labs ya ha corregido esta vulnerabilidad en las siguientes versiones: Roon Server 2021-05-18 y posteriores • https://www.qnap.com/zh-tw/security-advisory/qsa-21-17 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

If exploited, this vulnerability allows an attacker to access resources which are not otherwise accessible without proper authentication. Roon Labs has already fixed this vulnerability in the following versions: Roon Server 2021-05-18 and later Si se explota, esta vulnerabilidad permite a un atacante acceder a recursos que no son accesibles de otro modo sin una autenticación adecuada. Roon Labs ya ha corregido esta vulnerabilidad en las siguientes versiones: Roon Server 2021-05-18 y posteriores • https://www.qnap.com/zh-tw/security-advisory/qsa-21-17 • CWE-290: Authentication Bypass by Spoofing •