CVE-2020-25847 - Qnap Quts Hero and Qnap Qts
Critical 8.8
This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application. QNAP have already fixed this vulnerability in the following versions of QTS and QuTS hero.
Affected software
Qnap Quts Hero
Qnap Qts