CVE-2024-48866 | QNAP QTS/QuTS hero URL url encoding (qsa-24-49)

Inserito da Angelo Barbosa | Dic 6, 2024 | CVE

A vulnerability was found in QNAP QTS and QuTS hero. It has been rated as problematic. Affected by this issue is some unknown functionality of the component URL Handler. The manipulation leads to improper handling of url encoding.

This vulnerability is handled as CVE-2024-48866. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-48866 | QNAP QTS/QuTS hero URL url encoding (qsa-24-49)

Post correlati

CVE-2024-52591 | Misskey up to 2024.11.0-alpha.2 input validation (GHSA-m2gq-69fp-6hv4)

CVE-2024-20521 | Cisco RV042/RV042G/RV320/RV325 up to 4.2.3.14 Web-based Management Interface stack-based overflow (cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV)

CVE-2024-28793 | Team Concert Git Plugin up to 2.0.4 on Jenkins Rational Team Concert Server URI cross site scripting

CVE-2024-2458 | Powerkit Plugin up to 2.9.1 on WordPress Shortcode cross site scripting