claytonvantol.us
SESSION: secure TLS: 1.3 PID: 1337

clayton@site:~/news$ cat cve-2020-2509-qnap-qnap-network-attached-storage-nas.log

CVE-2020-2509 — QNAP Network-Attached Storage (NAS) Command Injection Vulnerability

2022-04-11 • CISA Known Exploited Vulnerability

[event] QNAP NAS devices contain a command injection vulnerability which could allow attackers to perform remote code execution.

> AFFECTED SOFTWARE

Field Value
Vendor QNAP
Product QNAP Network-Attached Storage (NAS)
CWE CWE-77, CWE-78
CVE ID CVE-2020-2509
Date Added 2022-04-11
Due Date 2022-05-02
Ransomware Campaign Unknown

> MITIGATION

Apply updates per vendor instructions.

Due Date: 2022-05-02

> REFERENCES

← back to terminal

UPTIME: 1337d v2.0.1 privacy LAST LOGIN: 2026-05-30 20:36:13 UTC