CVE-2024-38641

🗓️ 06 Sep 2024 16:27:46Reported by qnapType

OS command injection vulnerability in QNAP O

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2024-38641	6 Sep 202419:56	–	circl
CNNVD	QNAP QTS和QuTS hero 命令注入漏洞	6 Sep 202400:00	–	cnnvd
CNVD	QNAP QTS and QuTS hero OS command injection vulnerability (CNVD-2025-27833)	11 Sep 202400:00	–	cnvd
Cvelist	CVE-2024-38641 QTS, QuTS hero	6 Sep 202416:27	–	cvelist
EUVD	EUVD-2024-37502	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in QNAP QTS and QTS Hero	10 Sep 202410:56	–	ncsc
NVD	CVE-2024-38641	6 Sep 202417:15	–	nvd
OpenVAS	QNAP QTS Multiple Vulnerabilities (QSA-24-33)	10 Sep 202400:00	–	openvas
OpenVAS	QNAP QuTS hero Multiple Vulnerabilities (QSA-24-33)	10 Sep 202400:00	–	openvas
Positive Technologies	PT-2024-28095 · Qnap · Qnap Qts +1	6 Sep 202400:00	–	ptsecurity

NVD

Node

qnap qtsMatch5.1.0.2348build_20230325

qnap qtsMatch5.1.0.2399build_20230515

qnap qtsMatch5.1.0.2418build_20230603

qnap qtsMatch5.1.0.2444build_20230629

qnap qtsMatch5.1.0.2466build_20230721

qnap qtsMatch5.1.1.2491build_20230815

qnap qtsMatch5.1.2.2533build_20230926

qnap qtsMatch5.1.3.2578build_20231110

qnap qtsMatch5.1.4.2596build_20231128

qnap qtsMatch5.1.5.2645build_20240116

qnap qtsMatch5.1.5.2679build_20240219

qnap qtsMatch5.1.6.2722build_20240402

qnap qtsMatch5.1.7.2770build_20240520

Node

qnap quts_heroMatchh5.1.0.2409build_20230525

qnap quts_heroMatchh5.1.0.2424build_20230609

qnap quts_heroMatchh5.1.0.2453build_20230708

qnap quts_heroMatchh5.1.0.2466build_20230721

qnap quts_heroMatchh5.1.1.2488build_20230812

qnap quts_heroMatchh5.1.2.2534build_20230927

qnap quts_heroMatchh5.1.3.2578build_20231110

qnap quts_heroMatchh5.1.4.2596build_20231128

qnap quts_heroMatchh5.1.5.2647build_20240118

qnap quts_heroMatchh5.1.5.2680build_20240220

qnap quts_heroMatchh5.1.6.2734build_20240414

qnap quts_heroMatchh5.1.7.2770build_20240520

qnap quts_heroMatchh5.1.7.2788build_20240607

qnap quts_heroMatchh5.1.7.2794build_20240613

[
  {
    "defaultStatus": "unaffected",
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "5.1.8.2823 build 20240712",
        "status": "affected",
        "version": "5.1.x",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "QuTS hero",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "h5.1.8.2823 build 20240712",
        "status": "affected",
        "version": "h5.1.x",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
qnap	www.qnap.com/en/security-advisory/qsa-24-33

16 Sep 2024 12:35Current

7.8High risk

Vulners AI Score7.8

CVSS 3.17.8

CVSS 47.3

EPSS0.00335

SSVC