SQL Injection Vulnerability in QNAP Operating System
CVE-2024-50387

Currently unrated

Key Information:

Vendor: QNAP
Status: QNAP Operating System
Vendor: CVE Published:; 6 December 2024

What is CVE-2024-50387?

A SQL injection vulnerability has been identified in multiple versions of the QNAP Operating System, allowing remote attackers to inject and execute malicious code. If left unpatched, this flaw poses a significant risk to data integrity and security within affected systems. QNAP has addressed this issue in the SMB Service version 4.15.002 and later, enhancing protection against such attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.qnap.com/en/security-advisory/qsa-24-42

EPSS Score

22% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 6, 2024

JSON

QNAP

What is CVE-2024-50387?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

EPSS Score

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.