Add CVE-2020-2509 - QNAP QTS/QuTS RCE Template | Algora

🎉 Algora is now open source!Give us a star

PR

Add CVE-2020-2509 - QNAP QTS/QuTS RCE Template

projectdiscovery/nuclei-templates#12365

This PR adds an advanced Nuclei template for CVE-2020-2509 affecting QNAP QTS and QuTS systems.

✅ Features:

Multi-payload command injection (RCE)
WAF bypass tricks
Extractor for uid/gid in response
Supports pitchfork attack mode
Shodan-query tag and verified:true metadata

References:

/claim #12355

Claim

Total prize pool $50

Total paid $0

Status Pending

Submitted June 15, 2025

Last updated June 15, 2025

Contributors

MA

malek838

@malek838

100%

Sponsors

PR

ProjectDiscovery

@projectdiscovery

$50