An OS command injection vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow local network attackers to execute commands.
We have already fixed the vulnerability in the following versions:
QuRouter 2.4.4.106 and later
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.qnap.com/en/security-advisory/qsa-24-44 |
History
Tue, 26 Nov 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Qnap
Qnap qurouter |
|
CPEs | cpe:2.3:a:qnap:qurouter:*:*:*:*:*:*:*:* | |
Vendors & Products |
Qnap
Qnap qurouter |
|
Metrics |
ssvc
|
Fri, 22 Nov 2024 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An OS command injection vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow local network attackers to execute commands. We have already fixed the vulnerability in the following versions: QuRouter 2.4.4.106 and later | |
Title | QHora | |
Weaknesses | CWE-77 CWE-78 |
|
References |
| |
Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: qnap
Published: 2024-11-22T15:32:01.006Z
Updated: 2024-11-26T15:57:56.198Z
Reserved: 2024-10-09T00:22:57.834Z
Link: CVE-2024-48861
Vulnrichment
Updated: 2024-11-22T16:38:42.010Z
NVD
Status : Received
Published: 2024-11-22T16:15:28.483
Modified: 2024-11-22T16:15:28.483
Link: CVE-2024-48861
Redhat
No data.