解炜

**Name of the Vulnerable Software and Affected Versions** 360 router versions P0 and F5C **Description** The issue allows users to abuse background app CGI functions without authentication by adding special fields to the URI of the router app function. **Recommendations** For 360 router version P0, consider restricting access to the background app CGI functions until a fix is available. For 360 router version F5C, consider restricting access to the background app CGI functions until a fix is available.

**Name of the Vulnerable Software and Affected Versions** QNAP Video Station versions prior to 5.1.3 (for QTS 4.3.3) and 5.2.0 (for QTS 4.3.4) **Description** This issue allows a remote attacker to run arbitrary commands. **Recommendations** For QNAP Video Station version 5.1.3 (for QTS 4.3.3) and later, no action is required as the issue has been patched. For QNAP Video Station versions prior to 5.1.3 (for QTS 4.3.3) and 5.2.0 (for QTS 4.3.4), update to the latest version to resolve the issue.