Command Injection Vulnerability in QNAP License Center
CVE-2024-48863

Currently unrated

Key Information:

Vendor: QNAP
Vendor: CVE Published:; 6 December 2024

Summary

A critical command injection vulnerability has been identified in QNAP's License Center. This vulnerability enables remote attackers to execute arbitrary commands, potentially compromising the integrity and security of the affected systems. Users operating on versions prior to License Center 1.9.43 are particularly at risk and are strongly advised to update to the latest version to safeguard their systems against potential exploitation.

References

https://www.qnap.com/en/security-advisory/qsa-24-50

Timeline

Vulnerability published
Dec 6, 2024