If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907.Creditsswings & leommxj, Chaitin Security Research Lab.Referenceshttps://www.qnap.com/en/security-advisory/qsa-20-09
