CVE-2024-38644 | QNAP Systems Notes Station up to 3.9.6 command injection (qsa-24-36)

Posted by Angelo Barbosa | Nov 22, 2024 | CVE

A vulnerability was found in QNAP Systems Notes Station up to 3.9.6. It has been classified as critical. Affected is an unknown function. The manipulation leads to command injection.

This vulnerability is traded as CVE-2024-38644. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-38644 | QNAP Systems Notes Station up to 3.9.6 command injection (qsa-24-36)

Related Posts

CVE-2024-24906 | Dell Secure Connect Gateway prior 5.22.00.16 Policy Page cross site scripting (dsa-2024-077)

CVE-2023-49082 | aio-libs aiohttp crlf injection

CVE-2024-45133 | Adobe Commerce up to 2.4.7-p2/2.4.6-p7/2.4.5-p9/2.4.4-p10 access control (apsb24-73)

CVE-2024-1848 | Dassault Systèmes SOLIDWORKS Desktop 2024/2024 SP1 File use after free