Summary
QNAP security updates address a critical vulnerability in the QuRouter operating system. This vulnerability, if exploited, could allow a remote attacker to compromise affected devices.
Risk
Vulnerability community impact estimate: HIGH/ORANGE (66.41/100)1.
Type
- Remote Code Execution
Affected products and versions
QuRouter 2.4.x, versions prior to 2.4.5.032
Mitigation actions
In line with vendor statements, it is recommended to update affected products by following the guidance in the security bulletin available in the References section.
Unique Vulnerability Identifiers
References
https://www.qnap.com/en/security-advisory/qsa-24-45
1This estimate is made taking into account several parameters, including: CVSS, availability of patches/workarounds and PoC, diffusion of the affected software/devices in the reference community.