Описание
A command injection vulnerability has been reported to affect QuRouter 2.5.1. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands.
We have already fixed the vulnerability in the following version: QuRouter 2.5.1.060 and later
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:qnap:qurouter:2.5.0.140:build_20250227:*:*:*:*:*:*
cpe:2.3:o:qnap:qurouter:2.5.0.268:build_20250324:*:*:*:*:*:*
EPSS
Процентиль: 27%
0.00097
Низкий
7.2 High
CVSS3
Дефекты
CWE-77
CWE-78
Связанные уязвимости
CVSS3: 7.2
github
5 месяцев назад
A command injection vulnerability has been reported to affect QuRouter 2.5.1. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuRouter 2.5.1.060 and later
EPSS
Процентиль: 27%
0.00097
Низкий
7.2 High
CVSS3
Дефекты
CWE-77
CWE-78