CVE-2021-28804
Command Injection Vulnerabilities in QTS and QuTS hero
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A command injection vulnerabilities have been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. This issue affects: QNAP Systems Inc. QTS versions prior to 4.5.1.1540 build 20210107. QNAP Systems Inc. QuTS hero versions prior to h4.5.1.1582 build 20210217.
Se ha reportado de una vulnerabilidad de inyección de comandos que afecta a QTS y QuTS hero. Si es explotada, esta vulnerabilidad permite a atacantes ejecutar comandos arbitrarios en una aplicación comprometida. Este problema afecta a: QNAP Systems Inc. versiones de QTS anteriores a 4.5.1.1540 build 20210107. QNAP Systems Inc. QuTS hero versiones anteriores a h4.5.1.1582 build 20210217
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-03-18 CVE Reserved
- 2021-07-01 CVE Published
- 2024-03-16 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://www.qnap.com/zh-tw/security-advisory/qsa-21-29 | 2021-07-07 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | <= 4.5.1.1540 Search vendor "Qnap" for product "Qts" and version " <= 4.5.1.1540" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Quts Hero Search vendor "Qnap" for product "Quts Hero" | <= h4.5.1.1582 Search vendor "Qnap" for product "Quts Hero" and version " <= h4.5.1.1582" | - |
Affected
|