QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-44015

Back to search

CVE-2025-44015

Published: Aug 29, 2025

Modified: Aug 29, 2025

PUBLISHED

Description

A command injection vulnerability has been reported to affect HybridDesk Station. If an attacker gains local network access, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: HybridDesk Station 4.2.18 and later

VendorProductVersions

QNAP Systems Inc.

HybridDesk Station

affected
4.2.x - < 4.2.18

Weaknesses (CWE)

CWE-77
CWE-78

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now