A SQL injection vulnerability has been reported to affect QuRouter. If exploited, the vulnerability could allow remote attackers to inject malicious code.
We have already fixed the vulnerability in the following version:
QuRouter 2.4.5.032 and later
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.qnap.com/en/security-advisory/qsa-24-45 |
History
Fri, 06 Dec 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Qnap
Qnap qurouter |
|
CPEs | cpe:2.3:a:qnap:qurouter:*:*:*:*:*:*:*:* | |
Vendors & Products |
Qnap
Qnap qurouter |
|
Metrics |
ssvc
|
Fri, 06 Dec 2024 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A SQL injection vulnerability has been reported to affect QuRouter. If exploited, the vulnerability could allow remote attackers to inject malicious code. We have already fixed the vulnerability in the following version: QuRouter 2.4.5.032 and later | |
Title | QuRouter | |
Weaknesses | CWE-89 | |
References |
| |
Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: qnap
Published: 2024-12-06T16:35:45.704Z
Updated: 2024-12-06T19:39:20.514Z
Reserved: 2024-10-24T03:41:08.489Z
Link: CVE-2024-50389
Vulnrichment
Updated: 2024-12-06T19:39:16.105Z
NVD
Status : Received
Published: 2024-12-06T17:15:09.510
Modified: 2024-12-06T17:15:09.510
Link: CVE-2024-50389
Redhat
No data.