SQL Injection Vulnerability in QuRouter by QNAP
CVE-2024-50389

Currently unrated

Key Information:

Vendor: QNAP
Status: QuRouter
Vendor: CVE Published:; 6 December 2024

Summary

A SQL injection vulnerability has been identified in QNAP’s QuRouter, which could be exploited by remote attackers to execute malicious commands within the affected systems. This could compromise data integrity and system security. It is crucial for users to upgrade to QuRouter version 2.4.5.032 or later to mitigate this risk. The presence of this vulnerability underscores the importance of regular software updates and security best practices.

References

https://www.qnap.com/en/security-advisory/qsa-24-45

Timeline

Vulnerability published
Dec 6, 2024