Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4DescriptionCVE.org
A command injection vulnerability has been reported to affect QuNetSwitch. If a local attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands.
We have already fixed the vulnerability in the following version: QuNetSwitch 2.0.5.0906 and later
AnalysisAI
Arbitrary command execution in QuNetSwitch can be achieved by local attackers with administrator privileges due to insufficient input validation in command processing. This vulnerability affects QuNetSwitch versions prior to 2.0.5.0906, allowing authenticated high-privilege users to bypass security controls and execute system commands. No patch is currently available for affected versions.
Technical ContextAI
The vulnerability is classified as CWE-78 (Improper Neutralization of Special Elements used in an OS Command), which represents a command injection flaw. This occurs when user-controlled input is passed unsanitized to system command execution functions without proper escaping or validation. QNAP QuNetSwitch (identified via CPE cpe:2.3:a:qnap_systems_inc.:qunetswitch:*:*:*:*:*:*:*:*) is a network switching/management platform where an administrator account in the application layer can trigger OS-level command execution. The root cause likely stems from insufficient input sanitization in administrative functions that interact with underlying system commands.
RemediationAI
Immediately upgrade QuNetSwitch to version 2.0.5.0906 or later, which contains the fix for this command injection vulnerability. Refer to the QNAP security advisory at https://www.qnap.com/en/security-advisory/qsa-26-11 for detailed upgrade instructions specific to your deployment. As an interim control pending patching, restrict administrator account creation and access to the QuNetSwitch administrative interface to trusted personnel only, and consider disabling or isolating QuNetSwitch instances that handle sensitive network operations until patching is complete. Network segmentation to limit administrative access to QuNetSwitch to a protected administrative subnet can further reduce exposure.
More in Qunetswitch
View allRemote command execution in QuNetSwitch versions prior to 2.0.4.0415 allows unauthenticated attackers to execute arbitra
A vulnerability involving insecure storage of sensitive information has been reported to affect QSW-M2116P-2T2S and QNAP
QuNetSwitch contains hard-coded credentials that allow remote attackers to bypass authentication and gain unauthorized a
Command injection in QuNetSwitch allows authenticated remote attackers to execute arbitrary commands on affected systems
Same weakness CWE-78 – OS Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-13723