CNNVD-202510-435 Information

CNNVD ID

CNNVD-202510-435

Related CVE

CVE-2025-47212

• CNNVD Published: 2025-10-03

Description (Chinese)

QNAP operating system是中国台湾威联通科技（QNAP）公司的一个操作系统。 QNAP operating system存在操作系统命令注入漏洞，该漏洞源于远程攻击者获得管理员账户后可能执行任意命令。

Description (English)

QNAP operating system is an operating system of QNAP. QNAP operating system contains a loophole in the OS command, which arises from the possibility of carrying out arbitrary orders when the remote assailant obtains the administrator ’ s account.

Hazard Level

Medium

Vulnerability Type

操作系统命令注入

Affected Vendor

威联通科技

Published

2025-10-03

Last Modified

2026-02-24

References

https://www.qnap.com/en/security-advisory/qsa-25-36

Patch

https://www.qnap.com/en/security-advisory/qsa-25-36