This improper input validation vulnerability allows remote attackers to inject arbitrary code to the system. To fix the vulnerability, QNAP recommend updating QTS to their latest versions.
[
{
"product": "QNAP NAS devices",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "QTS 4.4.0 - QTS 4.4.1: before build 20190918, QTS 4.3.6: before build 20190919"
}
]
}
]