RCE in Qnap Systems Inc. Qunetswitch

CVE-2026-22897

A command injection vulnerability has been reported to affect QuNetSwitch. The remote attackers can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuNetSwitc…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.004 (61.4th percentile) — read the EPSS interpretation.