An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network.
We have already fixed the vulnerability in the following versions:
QTS 184.108.40.2066 build 20230421 and later
QTS 220.127.116.114 build 20230416 and later
QuTS hero h18.104.22.1686 build 20230421 and later
QuTS hero h22.214.171.1244 build 20230417 and later
QuTScloud c126.96.36.1994 and later