Описание
An OS command injection vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow local network attackers to execute commands.
We have already fixed the vulnerability in the following versions: QuRouter 2.4.4.106 and later
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:qnap:qurouter:2.4.0.190:build_20240522:*:*:*:*:*:*
cpe:2.3:o:qnap:qurouter:2.4.1.172:build_20240606:*:*:*:*:*:*
cpe:2.3:o:qnap:qurouter:2.4.1.634:build_20240710:*:*:*:*:*:*
cpe:2.3:o:qnap:qurouter:2.4.2.317:build_20240903:*:*:*:*:*:*
cpe:2.3:o:qnap:qurouter:2.4.2.538:build_20240923:*:*:*:*:*:*
cpe:2.3:o:qnap:qurouter:2.4.3.103:build_20241011:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.00232
Низкий
7.8 High
CVSS3
Дефекты
CWE-77
CWE-78
Связанные уязвимости
CVSS3: 7.8
github
около 1 года назад
An OS command injection vulnerability has been reported to affect several product versions. If exploited, the vulnerability could allow local network attackers to execute commands. We have already fixed the vulnerability in the following versions: QuRouter 2.4.4.106 and later
EPSS
Процентиль: 46%
0.00232
Низкий
7.8 High
CVSS3
Дефекты
CWE-77
CWE-78