An OS command injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: QuMagie 2.2.1 and later
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:LQnap Qumagie
APPQnap2.2.0
Related vulnerabilities
SQL Injection w QNAP QuMagie umożliwiający zdalne wykonanie kodu
A missing authorization vulnerability has been reported to affect QuMagie. The remote attackers can then explo...
An authorization bypass through user-controlled key vulnerability has been reported to affect QuMagie. The rem...
A missing authorization vulnerability has been reported to affect QuMagie. The remote attackers can then explo...
A relative path traversal vulnerability has been reported to affect QuMagie. If a remote attacker, they can th...