Unrated severityNVD Advisory· Published Nov 26, 2021· Updated Sep 17, 2024

Command Injection Vulnerability in VioStor

CVE-2021-38685

Description

A command injection vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability allows remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QVR: QVR FW 5.1.6 build 20211109 and later

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Qnap/QVRllm-create
Range: <5.1.6
Qnap/VioStorllm-fuzzy
Range: <5.1.6
QNAP Systems Inc./QVRv5
Range: unspecified

Patches

Vulnerability mechanics

References

www.qnap.com/en/security-advisory/qsa-21-51mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000