Qnap QTS and QuTS hero Improper Neutralization of Special Elements used in an OS Command (CVE-2025-47212)
A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...