QHora

CVE-2024-48861

Currently unrated 🤨

Key Information

Vendor: QNAP
Status: Qurouter
Vendor: CVE Published:; 22 November 2024

Summary

An OS command injection vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow local network attackers to execute commands.

We have already fixed the vulnerability in the following versions: QuRouter 2.4.4.106 and later

Affected Version(s)

QuRouter < 2.4.4.106

Refferences

https://www.qnap.com/en/security-advisory/qsa-24-44

Timeline

Vulnerability published
Nov 22, 2024

Collectors

NVD DatabaseMitre Database

Credit

Midnight Blue / PHP Hooligans