Improper Certificate Validation Vulnerability in QNAP Operating Systems
CVE-2024-48865

Currently unrated

Key Information:

Vendor: QNAP
Status: QNAP Operating System
Vendor: CVE Published:; 6 December 2024

What is CVE-2024-48865?

A vulnerability due to improper certificate validation in several versions of QNAP operating systems has been identified. This flaw could permit attackers who have local network access to compromise system security. Users are strongly advised to update to the latest versions of QTS and QuTS hero to mitigate any potential threats associated with this vulnerability.

References

https://www.qnap.com/en/security-advisory/qsa-24-49

Timeline

Vulnerability published
Dec 6, 2024