QHora
CVE-2024-48861

Currently unrated

Key Information:

Vendor: QNAP
Status: Qurouter
Vendor: CVE Published:; 22 November 2024

What is CVE-2024-48861?

An OS command injection vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow local network attackers to execute commands.

We have already fixed the vulnerability in the following versions: QuRouter 2.4.4.106 and later

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

QuRouter 2.4.x < 2.4.4.106

References

https://www.qnap.com/en/security-advisory/qsa-24-44

Timeline

Vulnerability published
Nov 22, 2024

Credit

Midnight Blue / PHP Hooligans

JSON

QNAP