Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2020-2507

Published: 03/02/2021 Updated: 26/03/2021
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Helpdesk

Vulnerability Summary

The vulnerability have been reported to affect earlier versions of QTS. If exploited, this command injection vulnerability could allow remote malicious users to run arbitrary commands. This issue affects: QNAP Systems Inc. Helpdesk versions before 3.0.3.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

qnap helpdesk

Github Repositories

https://github.com/fishykz/2530L-analyze

yk2eR0@HATLAB 官网公告 Authenticated Command Injection and Unauthenticated Credential Disclosure 影响范围 DCS-2530L v10505 & older DCS-2670L v202 & older 测试环境 设备厂商:D-Link 设备型号:D-Link DCS-2530L 设备版本:104 关键程序提取 由于公布的两个漏洞CVE-2020-25079 + CVE-2020-2507刚好一个敏感信息

References

CWE-78https://www.qnap.com/zh-tw/security-advisory/qsa-20-08https://nvd.nist.govhttps://github.com/fishykz/2530L-analyze
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907hardcodedinjectCVE-2024-20359CVE-2024-2467CVE-2024-4077CVE-2024-22391cameraCVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook