QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2024-38641

Back to search

CVE-2024-38641

Published: Sep 6, 2024

Modified: Sep 6, 2024

PUBLISHED

Description

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local network users to execute commands via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.1.8.2823 build 20240712 and later QuTS hero h5.1.8.2823 build 20240712 and later

VendorProductVersions

QNAP Systems Inc.

QTS

affected
5.1.x - < 5.1.8.2823 build 20240712

QNAP Systems Inc.

QuTS hero

affected
h5.1.x - < h5.1.8.2823 build 20240712

Weaknesses (CWE)

CWE-77
CWE-78

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now