Security QNAP QTS 4.2.1 Build 20160601 Lang Parameter Command Injection August 18, 2016 007admin Leave a comment QNAP QTS version 4.2.1 Build 20160601 suffers from an OS command injection vulnerability.