Vulnerability Details CVE-2026-22901
A command injection vulnerability has been reported to affect QuNetSwitch. If a remote attacker gains a user account, they can then exploit the vulnerability to execute arbitrary commands.
We have already fixed the vulnerability in the following version:
QuNetSwitch 2.0.5.0906 and later
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 77.2%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2026-22901
-
cpe:2.3:a:qnap:qunetswitch:*