📦 Q2c Nas Firmware

This CVE describes a command injection vulnerability in ZSPACE Q2C NAS devices that allows remote attackers to execute arbitrary commands on affected systems. The vulnerability exists in the HTTP POST...

This vulnerability allows remote attackers to execute arbitrary commands on ZSPACE Q2C NAS devices by exploiting a command injection flaw in the file management API. Attackers can manipulate the 'safe...

This vulnerability allows remote attackers to execute arbitrary commands on ZSPACE Q2C NAS devices by injecting malicious input into the safe_dir parameter of the HTTP POST request handler. Attackers ...