QNAP Product Security Update Advisory

Nov 27 2024

Overview

An update has been released to address vulnerabilities in QNAP. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-48860, CVE-2024-48861

QuRouter version: 2.4.x

Resolved Vulnerabilities

Command injection vulnerabilities (CVE-2024-48860, CVE-2024-48861) allow remote attackers to execute arbitrary commands

Vulnerability Patches

Vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-48860, CVE-2024-48861

QuRouter version: 2.4.3.106 or later version

Referenced Sites

[1] CVE-2024-48860 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-48860

[2] CVE-2024-48861 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-48861

[3] Multiple Vulnerabilities in QuRouter

https://www.qnap.com/en/security-advisory/qsa-24-44

QNAP Product Security Update Advisory

7-Zip Security Update Advisory (CVE-2024-11477)

UpKeeper Product Security Update Advisory

Tags:

7-Zip Security Update Advisory (CVE-2024-11477)

UpKeeper Product Security Update Advisory