Unrated severityNVD Advisory· Published Dec 1, 2022· Updated Apr 14, 2025
OS command injection in ASUS M25 NAS
CVE-2022-4221
Description
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Asus NAS-M25 allows an unauthenticated attacker to inject arbitrary OS commands via unsanitized cookie values.This issue affects NAS-M25: through 1.0.1.7.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.