CVE-2020-2501 is an out-of-bounds write vulnerability impacting multiple versions of QNAP Surveillance Station. An exploit was observed in open source and a link to an exploit was shared in the underground.
PoC Links(if available):
SSD Secure Disclosure : QNAP Pre-Auth CGI_Find_Parameter RCE –
Known Counter Measures:
QNAP addressed the vulnerability in a security advisory with updated versions.
Links to patches(if available)