CVE-2022-27596

QNAP QTS and QuTS hero SQL Injection Vulnerability (CVE-2022-27596) Notice

February 3, 2023

Overview On January 31, 2023, NSFOCUS CERT detected that QNAP officially released a QNAP QTS and QuTS hero SQL injection vulnerability (CVE-2022-27596) notice. Due to the flaws in QNAP QTS and QuTS hero, unauthenticated remote attackers can use this vulnerability to inject malicious code on QNAP NAS devices, and ultimately achieve arbitrary code execution. The […]

Search

Subscribe to the NSFOCUS Blog