CVE-2024-38641 | QNAP QTS/QuTS hero prior 5.1.8.2823 Build 20240712 os command injection (qsa-24-33)

Posted by Angelo Barbosa | Sep 6, 2024 | CVE

A vulnerability, which was classified as critical, has been found in QNAP QTS and QuTS hero. Affected by this issue is some unknown functionality. The manipulation leads to os command injection.

This vulnerability is handled as CVE-2024-38641. The attack needs to be approached within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-38641 | QNAP QTS/QuTS hero prior 5.1.8.2823 Build 20240712 os command injection (qsa-24-33)

Related Posts

CVE-2024-30214 | SAP Business Connector 4.8 GET Query Parameter cross site scripting

CVE-2024-44685 | South River MFT Server/Titan SFTP Server up to 2.0.25.2426 Web UI information disclosure

CVE-2023-51761 | Emerson Rosemount GC370XA 4.1.5 improper authentication (icsa-24-030-01)

CVE-2023-50291 | Apache Solr up to 8.11.2/9.2.x /admin/info/properties insufficiently protected credentials