Qnap Security Advisory | Bulletin ID: QSA-22-09
Concerning remote code execution vulnerability in Apache Struts: company’s products are not affected.
This is a Press Release edited by StorageNewsletter.com on April 19, 2022 at 2:01 pmQnap Systems, Inc. had published security enhancement vs. security vulnerabilities that could affect specific versions of the company’s products.
Use the following information and solutions to correct the security issues and vulnerabilities.
Remote Code Execution Vulnerability in Apache Struts
Release date: April 18, 2022
Security ID: QSA-22-09
CVE identifier: CVE-2020-17530 | CVE-2021-31805
Not affected products: Qnap products
Status: Not affected
Summary
A remote code execution vulnerability has been reported to affect Apache Struts versions 2.0.0 to 2.5.29. A previous fix for the vulnerability was found to be incomplete. If exploited, the vulnerability allows remote attackers to run arbitrary commands.
Qnap products are not affected.
Revision History: V1.0 (April 18, 2022) – Published
Subscribe to our free daily newsletter
