Name of the Vulnerable Software and Affected Versions: QNAP QTS (affected versions not specified)

Description: The issue is related to insufficient protection of service data in the QNAP QTS web server for network storage devices. It allows a remote attacker to execute arbitrary code using CGI files from the /mnt/HDA ROOT/home/httpd/cgi-bin directory by connecting through port 8080.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.