EUVD-2024-54240

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Command injection vulnerability affects QNAP OS, allowing remote execution of commands by attackers.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2024-53692	7 Mar 202516:35	–	circl
CNNVD	QNAP Systems QTS和QNAP Systems QuTS hero 操作系统命令注入漏洞	7 Mar 202500:00	–	cnnvd
CNVD	QNAP QTS and QNAP QuTS hero command injection vulnerability (CNVD-2025-17595)	10 Mar 202500:00	–	cnvd
CVE	CVE-2024-53692	7 Mar 202516:13	–	cve
Cvelist	CVE-2024-53692 QTS, QuTS hero	7 Mar 202516:13	–	cvelist
NVD	CVE-2024-53692	7 Mar 202517:15	–	nvd
OpenVAS	QNAP QTS Multiple Vulnerabilities (QSA-24-54)	10 Mar 202500:00	–	openvas
OpenVAS	QNAP QuTS hero Multiple Vulnerabilities (QSA-24-54)	10 Mar 202500:00	–	openvas
OSV	CVE-2024-53692	7 Mar 202517:15	–	osv
RedhatCVE	CVE-2024-53692	9 Mar 202516:35	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "853fc85b-5766-3374-80b7-d538b3f882e4",
        "vendor": {
          "name": "QNAP Systems Inc."
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "903dab98-77a0-3080-8180-b09d6439d6aa",
        "product": {
          "name": "QTS"
        },
        "product_version": "5.2.x <5.2.3.3006 build 20250108"
      },
      {
        "id": "a1368e92-866a-35af-b785-1760c79f4ca8",
        "product": {
          "name": "QuTS hero"
        },
        "product_version": "h5.2.x <h5.2.3.3006 build 20250108"
      }
    ]
  }
]

Source	Link
qnap	www.qnap.com/en/security-advisory/qsa-24-54

03 Oct 2025 20:07Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.14.7

CVSS 45.1

EPSS0.00116

SSVC