An OS command injection vulnerability has been reported...
High severity
Unreviewed
Published
Sep 6, 2024
to the GitHub Advisory Database
•
Updated Sep 6, 2024
Description
Published by the National Vulnerability Database
Sep 6, 2024
Published to the GitHub Advisory Database
Sep 6, 2024
Last updated
Sep 6, 2024
An OS command injection vulnerability has been reported to affect legacy QTS. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network.
We have already fixed the vulnerability in the following versions:
QTS 4.3.6.2805 build 20240619 and later
QTS 4.3.4.2814 build 20240618 and later
QTS 4.3.3.2784 build 20240619 and later
QTS 4.2.6 build 20240618 and later
References