Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionCVE.org
A command injection vulnerability has been reported to affect QuNetSwitch. If a remote attacker gains a user account, they can then exploit the vulnerability to execute arbitrary commands.
We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.5.0906 and later
AnalysisAI
Command injection in QuNetSwitch allows authenticated remote attackers to execute arbitrary commands on affected systems with high impact to confidentiality and integrity. The vulnerability requires valid user credentials to exploit but poses significant risk to systems running versions prior to 2.0.5.0906. No patch is currently available for this CVSS 6.3 medium-severity issue.
Technical ContextAI
QuNetSwitch is a network management application developed by QNAP Systems Inc., identified via CPE as cpe:2.3:a:qnap_systems_inc.:qunetswitch:*:*:*:*:*:*:*:*. The vulnerability is classified under CWE-78 (Improper Neutralization of Special Elements used in an OS Command, also known as OS Command Injection), which indicates that user-supplied input is passed unsanitized to system command execution functions without adequate filtering or escaping. This class of vulnerability typically arises when application code directly constructs shell commands from untrusted input or fails to use safe command invocation APIs (such as parameterized command libraries instead of shell concatenation).
RemediationAI
Upgrade QNAP QuNetSwitch to version 2.0.5.0906 or later immediately, following QNAP's official patching guidance provided in the security advisory at https://www.qnap.com/en/security-advisory/qsa-26-11. Until patching can be completed, restrict network access to the QuNetSwitch management interface to trusted administrative IP addresses or networks, enforce strong password policies to reduce the likelihood of credential compromise, and monitor user account activity and command execution logs for suspicious behavior. If QuNetSwitch is exposed to untrusted networks, isolate it behind a firewall with granular access controls until the patch is deployed.
More in Qunetswitch
View allRemote command execution in QuNetSwitch versions prior to 2.0.4.0415 allows unauthenticated attackers to execute arbitra
A vulnerability involving insecure storage of sensitive information has been reported to affect QSW-M2116P-2T2S and QNAP
QuNetSwitch contains hard-coded credentials that allow remote attackers to bypass authentication and gain unauthorized a
Arbitrary command execution in QuNetSwitch can be achieved by local attackers with administrator privileges due to insuf
Same weakness CWE-78 – OS Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-13722