cvedb.io
CVE-2021-32530
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2021-07-07T14:15:11.753 · Last modified 2026-06-17T03:53:07.250

Summary

OS command injection vulnerability in Array function in QSAN XEVO allows remote unauthenticated attackers to execute arbitrary commands via status parameter. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0.

Affected products

qsan — xevo

Does this affect you?

Add your gear to cvedb and we'll alert you only when qsan ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.