Qnap · Qes · CVE-2020-2499
**Name of the Vulnerable Software and Affected Versions**
QES versions prior to 2.1.1 Build 20200515
**Description**
A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vulnerability could allow attackers to log in with a hard-coded password and potentially elevate their privileges to execute arbitrary code.
**Recommendations**
For versions prior to 2.1.1 Build 20200515, update to QES 2.1.1 Build 20200515 or later to resolve the issue. As a temporary workaround, consider restricting access to the system to minimize the risk of exploitation.