nvd-json-data-feeds/CVE-2020/CVE-2020-25xx/CVE-2020-2509.json

{
  "id": "CVE-2020-2509",
  "sourceIdentifier": "security@qnapsecurity.com.tw",
  "published": "2021-04-17T04:15:11.327",
  "lastModified": "2023-11-14T19:26:49.173",
  "vulnStatus": "Analyzed",
  "cisaExploitAdd": "2022-04-11",
  "cisaActionDue": "2022-05-02",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "QNAP Network-Attached Storage (NAS) Command Injection Vulnerability",
  "descriptions": [
    {
      "lang": "en",
      "value": "A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 Build 20210202 and later QTS 4.5.1.1495 Build 20201123 and later QTS 4.3.6.1620 Build 20210322 and later QTS 4.3.4.1632 Build 20210324 and later QTS 4.3.3.1624 Build 20210416 and later QTS 4.2.6 Build 20210327 and later QuTS hero h4.5.1.1491 build 20201119 and later"
    },
    {
      "lang": "es",
      "value": "Se ha reportado una vulnerabilidad de inyecci\u00f3n de comando que afecta a QTS y a QuTS hero.&#xa0;Si se explota, esta vulnerabilidad permite a atacantes ejecutar comandos arbitrarios en una aplicaci\u00f3n comprometida.&#xa0;Ya hemos corregido esta vulnerabilidad en las siguientes versiones:  QTS versiones 4.5.2.1566 Build 20210202 y posteriores. QTS versiones 4.5.1.1495 Build 20201123 y posteriores. QTS versiones 4.3.6.1620 Build 20210322 y posteriores QTS versiones 4.3.4.1632 Build 20210324 y posteriores QTS versiones 4.3.3.1624 Build 20210416 y posteriores. QTS versiones 4.2.6 Build 20210327 y posteriores. QuTS hero versiones h4.5.1.1491 build 20201119 y posteriores"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ]
    },
    {
      "source": "security@qnapsecurity.com.tw",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        },
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
              "versionEndExcluding": "4.2.6",
              "matchCriteriaId": "3777F6CC-9189-4BC0-B336-62BA1EFB91A7"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "4.3.5",
              "versionEndExcluding": "4.3.6",
              "matchCriteriaId": "5E4CE6D6-F834-4B65-ADF9-E83C31270788"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "4.4.0",
              "versionEndExcluding": "4.5.1",
              "matchCriteriaId": "70A079A5-D3A6-408A-830E-4B5F3BA07EFA"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.2.6:-:*:*:*:*:*:*",
              "matchCriteriaId": "2D3B1E3A-C9E9-4BB8-8BFC-AE1258722F85"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20170517:*:*:*:*:*:*",
              "matchCriteriaId": "8F523E9F-D101-4C29-A624-74E1F3F8CB7D"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20190322:*:*:*:*:*:*",
              "matchCriteriaId": "1388DBE0-F6BB-44AB-81AC-BFB4E70BE820"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20190730:*:*:*:*:*:*",
              "matchCriteriaId": "CF3C4461-C1B6-43A1-BA5E-D6658EFD06EE"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20190921:*:*:*:*:*:*",
              "matchCriteriaId": "A1F11848-6FED-4D58-A177-36D280C0347C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20191107:*:*:*:*:*:*",
              "matchCriteriaId": "F6259C86-FFDA-40E8-AF0C-33CC8C108DC9"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200109:*:*:*:*:*:*",
              "matchCriteriaId": "9E01E157-BDF1-4B00-BA9B-6887C0C7DFF2"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200421:*:*:*:*:*:*",
              "matchCriteriaId": "1D1E5368-9587-4E0A-BB65-D88069CA8490"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200611:*:*:*:*:*:*",
              "matchCriteriaId": "B63CE419-871C-4866-8AB1-4BB6461E1D74"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200821:*:*:*:*:*:*",
              "matchCriteriaId": "886A71D1-9615-47A5-B3C2-CBC6F02961A4"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.3.0174:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB10F6C0-7CB4-49D2-A1F7-9F3387CD1271"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.3.0868:*:*:*:*:*:*:*",
              "matchCriteriaId": "1931A1D6-C1E6-410A-9F9E-9FD949D42C58"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.3.0998:*:*:*:*:*:*:*",
              "matchCriteriaId": "77FFA90F-FDFA-4B73-960F-BEE7A92DB6BA"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.3.1051:*:*:*:*:*:*:*",
              "matchCriteriaId": "491E9EA6-45FC-4D65-9C4E-AB62095DC861"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.3.1098:*:*:*:*:*:*:*",
              "matchCriteriaId": "264B823B-E086-464E-A740-68BFB0AB8650"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.3.1161:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5675D7E-1332-445B-BE5A-0506E765E99A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.3.1252:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC246E80-7A88-4D91-989B-2922C70B1378"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.3.1315:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8D69E0D-84C1-4988-9D73-2D3F511748D0"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.3.1386:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F583384-38B8-4BB8-A957-BC6DBC145AEE"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.3.1432:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7D05B71-CAF6-416F-BF92-AB4934474F26"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0358:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1598EB2-E1B4-472F-909F-2C47618EE884"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0358:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "D560B30D-6A9F-4A44-B83B-4FAB02A94830"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0370:*:*:*:*:*:*:*",
              "matchCriteriaId": "A09397C1-338B-499C-BFB5-B758B4FF9617"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0370:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "ACB33269-7F69-45DA-9CF0-B0322FFC577D"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0372:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B2D3D89-414E-46AA-8B02-B5FE969508D3"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0372:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "3CABE783-B9CA-4E15-8DC2-75C39F214600"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0374:*:*:*:*:*:*:*",
              "matchCriteriaId": "46505B7D-7CF7-4EF0-B52E-18531BF33675"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0374:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "D8B39FE2-79A9-478C-AE83-8D9664A6D1F8"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0387:*:*:*:*:*:*:*",
              "matchCriteriaId": "B29246B7-AA5B-4BB2-B096-6B2798420FC8"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0387:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "DEA6AF09-BCB3-45EE-A59F-5A6CEFE8CBAC"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0411:*:*:*:*:*:*:*",
              "matchCriteriaId": "D339C9BA-E6DA-4116-B6E0-1C25F047FFFD"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0416:*:*:*:*:*:*:*",
              "matchCriteriaId": "69859698-F815-489E-A08D-F1E2987C3F7D"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0427:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7BCBB16-EAAA-4184-B94C-3E2354BB4D50"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0434:*:*:*:*:*:*:*",
              "matchCriteriaId": "55B35E45-D2B2-45D0-A018-002E5CACEB26"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0435:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7DFA308-8071-4F4E-9457-2BBDF455D861"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0451:*:*:*:*:*:*:*",
              "matchCriteriaId": "94F95C29-9AB4-4204-831B-075413055289"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0483:*:*:*:*:*:*:*",
              "matchCriteriaId": "F556C8A6-8595-4207-93BF-2B1E8EEB2196"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0486:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F10A372-65BB-4FD6-940E-671022385757"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0506:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF9514B2-C366-418E-9659-8501ABD6E367"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0516:*:*:*:*:*:*:*",
              "matchCriteriaId": "995F09C6-D7C2-493D-815E-E837B371E2E5"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0526:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BCCA5A5-C789-42FE-8652-F03618F095BE"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0551:*:*:*:*:*:*:*",
              "matchCriteriaId": "3230EF50-B2CC-4A4D-B353-7BE461BB235D"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0557:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DC8B14B-3882-44C4-9CE8-C5D6FC0BE00A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0561:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30204B8-097B-42EB-A7EC-9142F7D41EB0"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0569:*:*:*:*:*:*:*",
              "matchCriteriaId": "945AE50D-8745-42B2-9B89-04B21C98657B"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0593:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BD98EC7-C26E-4AAB-AC6C-56A82C8C2432"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0597:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FDBAE33-D3A8-46C7-8C4E-CB0C12ED08B0"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0604:*:*:*:*:*:*:*",
              "matchCriteriaId": "A99818FC-0BC5-45A9-AD55-C02FC0AB1959"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.0899:*:*:*:*:*:*:*",
              "matchCriteriaId": "98DCB45E-6024-4BB6-A40A-1CB871343930"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.1029:*:*:*:*:*:*:*",
              "matchCriteriaId": "485AF3DC-126D-464C-A6ED-59746031BCC5"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.1082:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1AF22BA-1772-4BFC-8BC1-3D626E14288F"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.1190:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD0B2AE2-22D3-4E7A-9F0B-85E8DB82C632"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.1282:*:*:*:*:*:*:*",
              "matchCriteriaId": "483FE324-D554-4F10-B6A6-F2C7818FFB83"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.1368:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB49B315-B381-47CD-AB70-A5D1DC7649E6"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.1417:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB92648C-7555-44B7-B35A-F1F1089B4740"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.4.1463:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CB16CBC-B3E1-43B1-91C7-0C183DF01B2F"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.6:-:*:*:*:*:*:*",
              "matchCriteriaId": "A0E214BD-DC96-4B53-9BE7-8DD8F79B4542"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.6.0895:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1AB2488-4D3D-494B-9C93-1AA3C7964644"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.6.0907:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C24D008-D055-4A2C-88D4-85FB6DC45EFE"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.6.0923:*:*:*:*:*:*:*",
              "matchCriteriaId": "B64D1A6D-D306-46B8-B345-3D9C38544761"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.6.0944:*:*:*:*:*:*:*",
              "matchCriteriaId": "067C0A13-525C-4376-A6CC-0B86F7F92670"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.6.0959:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BAE62E0-5FA0-4B9F-ACCA-9C8C70AC1F2C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.6.0979:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6023A8C-77A8-4B79-ACC6-872E98CA0D29"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.6.0993:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAA72D06-4FE1-4DC3-A96B-2975A4A9AF84"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.6.1013:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CD59BCF-E119-4910-90CE-DCA212D146F5"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.6.1033:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8F01168-A599-480D-BEB1-FA0195B696E6"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.6.1070:*:*:*:*:*:*:*",
              "matchCriteriaId": "732218C9-0DD1-4153-BBC4-F9B8DDE03456"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.6.1154:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEE80D8E-69F2-4AEB-85E1-1B4E64234A45"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.6.1218:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CC2FD13-427C-465C-A829-44224537B6D8"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.6.1263:*:*:*:*:*:*:*",
              "matchCriteriaId": "15182D24-932E-4CC1-A791-DDFCF8B88C49"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.6.1286:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC7B2F4D-4FB2-4DC2-AE97-C6F3081A9A73"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.6.1333:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB3E4B8-CF05-4EE2-A0DD-53FD50145893"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.6.1411:*:*:*:*:*:*:*",
              "matchCriteriaId": "45C0ADAF-C42E-44EC-96B9-A8EA33AAB67D"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.3.6.1446:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4A24254-768F-4538-9DD8-26DCDEECF7CF"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.5.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "58596171-5A5E-4295-A987-DB29944F5877"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.5.1.1456:*:*:*:*:*:*:*",
              "matchCriteriaId": "00084D65-D5B3-4554-AA27-5B4A488845C9"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.5.1.1461:*:*:*:*:*:*:*",
              "matchCriteriaId": "A06FF7A8-3932-489B-B2A5-D6E56220A806"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.5.1.1465:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FE2D3BD-2743-47E3-96E2-7C7C75439946"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.5.1.1480:*:*:*:*:*:*:*",
              "matchCriteriaId": "90D78F2B-5951-4B67-BD92-0E82757FD903"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:qts:4.5.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "D430FFFE-EEC5-4CA5-A70F-002F33019CDA"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:quts_hero:*:*:*:*:*:*:*:*",
              "versionEndExcluding": "h4.5.1",
              "matchCriteriaId": "BE4F1063-2A90-42A8-95A9-FD3D0FD4618F"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:quts_hero:h4.5.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "CA4BA3AA-5273-431B-BCC1-F1CACA27AF53"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:qnap:quts_hero:h4.5.1.1472:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9E7923D-8C17-4EFE-883B-829215359E3B"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.qnap.com/en/security-advisory/qsa-21-05",
      "source": "security@qnapsecurity.com.tw",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"id": "CVE-2020-2509",`
			`"sourceIdentifier": "security@qnapsecurity.com.tw",`
			`"published": "2021-04-17T04:15:11.327",`
Auto-Update: 2023-11-14T21:00:19.187923+00:00 2023-11-14 21:00:23 +00:00			`"lastModified": "2023-11-14T19:26:49.173",`
bootstrap 2023-04-24 12:24:31 +02:00			`"vulnStatus": "Analyzed",`
			`"cisaExploitAdd": "2022-04-11",`
			`"cisaActionDue": "2022-05-02",`
			`"cisaRequiredAction": "Apply updates per vendor instructions.",`
			`"cisaVulnerabilityName": "QNAP Network-Attached Storage (NAS) Command Injection Vulnerability",`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			"value": "A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 Build 20210202 and later QTS 4.5.1.1495 Build 20201123 and later QTS 4.3.6.1620 Build 20210322 and later QTS 4.3.4.1632 Build 20210324 and later QTS 4.3.3.1624 Build 20210416 and later QTS 4.2.6 Build 20210327 and later QuTS hero h4.5.1.1491 build 20201119 and later"
			`},`
			`{`
			`"lang": "es",`
			"value": "Se ha reportado una vulnerabilidad de inyecci\u00f3n de comando que afecta a QTS y a QuTS hero. Si se explota, esta vulnerabilidad permite a atacantes ejecutar comandos arbitrarios en una aplicaci\u00f3n comprometida. Ya hemos corregido esta vulnerabilidad en las siguientes versiones: QTS versiones 4.5.2.1566 Build 20210202 y posteriores. QTS versiones 4.5.1.1495 Build 20201123 y posteriores. QTS versiones 4.3.6.1620 Build 20210322 y posteriores QTS versiones 4.3.4.1632 Build 20210324 y posteriores QTS versiones 4.3.3.1624 Build 20210416 y posteriores. QTS versiones 4.2.6 Build 20210327 y posteriores. QuTS hero versiones h4.5.1.1491 build 20201119 y posteriores"
			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",`
			`"attackVector": "NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "HIGH",`
			`"availabilityImpact": "HIGH",`
			`"baseScore": 9.8,`
			`"baseSeverity": "CRITICAL"`
			`},`
			`"exploitabilityScore": 3.9,`
			`"impactScore": 5.9`
			`}`
			`],`
			`"cvssMetricV2": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "2.0",`
			`"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",`
			`"accessVector": "NETWORK",`
			`"accessComplexity": "LOW",`
			`"authentication": "NONE",`
			`"confidentialityImpact": "PARTIAL",`
			`"integrityImpact": "PARTIAL",`
			`"availabilityImpact": "PARTIAL",`
			`"baseScore": 7.5`
			`},`
			`"baseSeverity": "HIGH",`
			`"exploitabilityScore": 10.0,`
			`"impactScore": 6.4,`
			`"acInsufInfo": false,`
			`"obtainAllPrivilege": false,`
			`"obtainUserPrivilege": false,`
			`"obtainOtherPrivilege": false,`
			`"userInteractionRequired": false`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-77"`
			`}`
			`]`
			`},`
			`{`
			`"source": "security@qnapsecurity.com.tw",`
			`"type": "Secondary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-77"`
			`},`
			`{`
			`"lang": "en",`
			`"value": "CWE-78"`
			`}`
			`]`
			`}`
			`],`
			`"configurations": [`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts::::::::",`
			`"versionEndExcluding": "4.2.6",`
			`"matchCriteriaId": "3777F6CC-9189-4BC0-B336-62BA1EFB91A7"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts::::::::",`
			`"versionStartIncluding": "4.3.5",`
			`"versionEndExcluding": "4.3.6",`
			`"matchCriteriaId": "5E4CE6D6-F834-4B65-ADF9-E83C31270788"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts::::::::",`
			`"versionStartIncluding": "4.4.0",`
			`"versionEndExcluding": "4.5.1",`
			`"matchCriteriaId": "70A079A5-D3A6-408A-830E-4B5F3BA07EFA"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.2.6:-::::::",`
			`"matchCriteriaId": "2D3B1E3A-C9E9-4BB8-8BFC-AE1258722F85"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20170517::::::",`
			`"matchCriteriaId": "8F523E9F-D101-4C29-A624-74E1F3F8CB7D"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20190322::::::",`
			`"matchCriteriaId": "1388DBE0-F6BB-44AB-81AC-BFB4E70BE820"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20190730::::::",`
			`"matchCriteriaId": "CF3C4461-C1B6-43A1-BA5E-D6658EFD06EE"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20190921::::::",`
			`"matchCriteriaId": "A1F11848-6FED-4D58-A177-36D280C0347C"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20191107::::::",`
			`"matchCriteriaId": "F6259C86-FFDA-40E8-AF0C-33CC8C108DC9"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200109::::::",`
			`"matchCriteriaId": "9E01E157-BDF1-4B00-BA9B-6887C0C7DFF2"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200421::::::",`
			`"matchCriteriaId": "1D1E5368-9587-4E0A-BB65-D88069CA8490"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200611::::::",`
			`"matchCriteriaId": "B63CE419-871C-4866-8AB1-4BB6461E1D74"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.2.6:build_20200821::::::",`
			`"matchCriteriaId": "886A71D1-9615-47A5-B3C2-CBC6F02961A4"`
			`},`
Auto-Update: 2023-11-14T21:00:19.187923+00:00 2023-11-14 21:00:23 +00:00			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.3.0174:::::::*",`
			`"matchCriteriaId": "DB10F6C0-7CB4-49D2-A1F7-9F3387CD1271"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.3.0868:::::::*",`
			`"matchCriteriaId": "1931A1D6-C1E6-410A-9F9E-9FD949D42C58"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.3.0998:::::::*",`
			`"matchCriteriaId": "77FFA90F-FDFA-4B73-960F-BEE7A92DB6BA"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.3.1051:::::::*",`
			`"matchCriteriaId": "491E9EA6-45FC-4D65-9C4E-AB62095DC861"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.3.1098:::::::*",`
			`"matchCriteriaId": "264B823B-E086-464E-A740-68BFB0AB8650"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.3.1161:::::::*",`
			`"matchCriteriaId": "A5675D7E-1332-445B-BE5A-0506E765E99A"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.3.1252:::::::*",`
			`"matchCriteriaId": "DC246E80-7A88-4D91-989B-2922C70B1378"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.3.1315:::::::*",`
			`"matchCriteriaId": "C8D69E0D-84C1-4988-9D73-2D3F511748D0"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.3.1386:::::::*",`
			`"matchCriteriaId": "6F583384-38B8-4BB8-A957-BC6DBC145AEE"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.3.1432:::::::*",`
			`"matchCriteriaId": "D7D05B71-CAF6-416F-BF92-AB4934474F26"`
			`},`
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0358:::::::*",`
			`"matchCriteriaId": "E1598EB2-E1B4-472F-909F-2C47618EE884"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0358:beta1::::::",`
			`"matchCriteriaId": "D560B30D-6A9F-4A44-B83B-4FAB02A94830"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0370:::::::*",`
			`"matchCriteriaId": "A09397C1-338B-499C-BFB5-B758B4FF9617"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0370:beta1::::::",`
			`"matchCriteriaId": "ACB33269-7F69-45DA-9CF0-B0322FFC577D"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0372:::::::*",`
			`"matchCriteriaId": "0B2D3D89-414E-46AA-8B02-B5FE969508D3"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0372:beta1::::::",`
			`"matchCriteriaId": "3CABE783-B9CA-4E15-8DC2-75C39F214600"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0374:::::::*",`
			`"matchCriteriaId": "46505B7D-7CF7-4EF0-B52E-18531BF33675"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0374:beta1::::::",`
			`"matchCriteriaId": "D8B39FE2-79A9-478C-AE83-8D9664A6D1F8"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0387:::::::*",`
			`"matchCriteriaId": "B29246B7-AA5B-4BB2-B096-6B2798420FC8"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0387:beta2::::::",`
			`"matchCriteriaId": "DEA6AF09-BCB3-45EE-A59F-5A6CEFE8CBAC"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0411:::::::*",`
			`"matchCriteriaId": "D339C9BA-E6DA-4116-B6E0-1C25F047FFFD"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0416:::::::*",`
			`"matchCriteriaId": "69859698-F815-489E-A08D-F1E2987C3F7D"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0427:::::::*",`
			`"matchCriteriaId": "E7BCBB16-EAAA-4184-B94C-3E2354BB4D50"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0434:::::::*",`
			`"matchCriteriaId": "55B35E45-D2B2-45D0-A018-002E5CACEB26"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0435:::::::*",`
			`"matchCriteriaId": "F7DFA308-8071-4F4E-9457-2BBDF455D861"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0451:::::::*",`
			`"matchCriteriaId": "94F95C29-9AB4-4204-831B-075413055289"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0483:::::::*",`
			`"matchCriteriaId": "F556C8A6-8595-4207-93BF-2B1E8EEB2196"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0486:::::::*",`
			`"matchCriteriaId": "2F10A372-65BB-4FD6-940E-671022385757"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0506:::::::*",`
			`"matchCriteriaId": "DF9514B2-C366-418E-9659-8501ABD6E367"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0516:::::::*",`
			`"matchCriteriaId": "995F09C6-D7C2-493D-815E-E837B371E2E5"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0526:::::::*",`
			`"matchCriteriaId": "2BCCA5A5-C789-42FE-8652-F03618F095BE"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0551:::::::*",`
			`"matchCriteriaId": "3230EF50-B2CC-4A4D-B353-7BE461BB235D"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0557:::::::*",`
			`"matchCriteriaId": "0DC8B14B-3882-44C4-9CE8-C5D6FC0BE00A"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0561:::::::*",`
			`"matchCriteriaId": "D30204B8-097B-42EB-A7EC-9142F7D41EB0"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0569:::::::*",`
			`"matchCriteriaId": "945AE50D-8745-42B2-9B89-04B21C98657B"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0593:::::::*",`
			`"matchCriteriaId": "9BD98EC7-C26E-4AAB-AC6C-56A82C8C2432"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0597:::::::*",`
			`"matchCriteriaId": "1FDBAE33-D3A8-46C7-8C4E-CB0C12ED08B0"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0604:::::::*",`
			`"matchCriteriaId": "A99818FC-0BC5-45A9-AD55-C02FC0AB1959"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.0899:::::::*",`
			`"matchCriteriaId": "98DCB45E-6024-4BB6-A40A-1CB871343930"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.1029:::::::*",`
			`"matchCriteriaId": "485AF3DC-126D-464C-A6ED-59746031BCC5"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.1082:::::::*",`
			`"matchCriteriaId": "C1AF22BA-1772-4BFC-8BC1-3D626E14288F"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.1190:::::::*",`
			`"matchCriteriaId": "CD0B2AE2-22D3-4E7A-9F0B-85E8DB82C632"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.1282:::::::*",`
			`"matchCriteriaId": "483FE324-D554-4F10-B6A6-F2C7818FFB83"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.1368:::::::*",`
			`"matchCriteriaId": "AB49B315-B381-47CD-AB70-A5D1DC7649E6"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.1417:::::::*",`
			`"matchCriteriaId": "EB92648C-7555-44B7-B35A-F1F1089B4740"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.4.1463:::::::*",`
			`"matchCriteriaId": "2CB16CBC-B3E1-43B1-91C7-0C183DF01B2F"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.6:-::::::",`
			`"matchCriteriaId": "A0E214BD-DC96-4B53-9BE7-8DD8F79B4542"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.6.0895:::::::*",`
			`"matchCriteriaId": "A1AB2488-4D3D-494B-9C93-1AA3C7964644"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.6.0907:::::::*",`
			`"matchCriteriaId": "6C24D008-D055-4A2C-88D4-85FB6DC45EFE"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.6.0923:::::::*",`
			`"matchCriteriaId": "B64D1A6D-D306-46B8-B345-3D9C38544761"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.6.0944:::::::*",`
			`"matchCriteriaId": "067C0A13-525C-4376-A6CC-0B86F7F92670"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.6.0959:::::::*",`
			`"matchCriteriaId": "4BAE62E0-5FA0-4B9F-ACCA-9C8C70AC1F2C"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.6.0979:::::::*",`
			`"matchCriteriaId": "B6023A8C-77A8-4B79-ACC6-872E98CA0D29"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.6.0993:::::::*",`
			`"matchCriteriaId": "CAA72D06-4FE1-4DC3-A96B-2975A4A9AF84"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.6.1013:::::::*",`
			`"matchCriteriaId": "0CD59BCF-E119-4910-90CE-DCA212D146F5"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.6.1033:::::::*",`
			`"matchCriteriaId": "E8F01168-A599-480D-BEB1-FA0195B696E6"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.6.1070:::::::*",`
			`"matchCriteriaId": "732218C9-0DD1-4153-BBC4-F9B8DDE03456"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.6.1154:::::::*",`
			`"matchCriteriaId": "FEE80D8E-69F2-4AEB-85E1-1B4E64234A45"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.6.1218:::::::*",`
			`"matchCriteriaId": "4CC2FD13-427C-465C-A829-44224537B6D8"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.6.1263:::::::*",`
			`"matchCriteriaId": "15182D24-932E-4CC1-A791-DDFCF8B88C49"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.6.1286:::::::*",`
			`"matchCriteriaId": "FC7B2F4D-4FB2-4DC2-AE97-C6F3081A9A73"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.6.1333:::::::*",`
			`"matchCriteriaId": "4EB3E4B8-CF05-4EE2-A0DD-53FD50145893"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.6.1411:::::::*",`
			`"matchCriteriaId": "45C0ADAF-C42E-44EC-96B9-A8EA33AAB67D"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.3.6.1446:::::::*",`
			`"matchCriteriaId": "E4A24254-768F-4538-9DD8-26DCDEECF7CF"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.5.1:-::::::",`
			`"matchCriteriaId": "58596171-5A5E-4295-A987-DB29944F5877"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.5.1.1456:::::::*",`
			`"matchCriteriaId": "00084D65-D5B3-4554-AA27-5B4A488845C9"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.5.1.1461:::::::*",`
			`"matchCriteriaId": "A06FF7A8-3932-489B-B2A5-D6E56220A806"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.5.1.1465:::::::*",`
			`"matchCriteriaId": "7FE2D3BD-2743-47E3-96E2-7C7C75439946"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.5.1.1480:::::::*",`
			`"matchCriteriaId": "90D78F2B-5951-4B67-BD92-0E82757FD903"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:qts:4.5.2:-::::::",`
			`"matchCriteriaId": "D430FFFE-EEC5-4CA5-A70F-002F33019CDA"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:quts_hero::::::::",`
			`"versionEndExcluding": "h4.5.1",`
			`"matchCriteriaId": "BE4F1063-2A90-42A8-95A9-FD3D0FD4618F"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:quts_hero:h4.5.1:-::::::",`
			`"matchCriteriaId": "CA4BA3AA-5273-431B-BCC1-F1CACA27AF53"`
			`},`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:qnap:quts_hero:h4.5.1.1472:::::::*",`
			`"matchCriteriaId": "C9E7923D-8C17-4EFE-883B-829215359E3B"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "https://www.qnap.com/en/security-advisory/qsa-21-05",`
			`"source": "security@qnapsecurity.com.tw",`
			`"tags": [`
			`"Vendor Advisory"`
			`]`
			`}`
			`]`
			`}`