CVE-2024-50389: QuRouter
First published: Fri Dec 06 2024(Updated: )
A SQL injection vulnerability has been reported to affect QuRouter. If exploited, the vulnerability could allow remote attackers to inject malicious code. We have already fixed the vulnerability in the following version: QuRouter 2.4.5.032 and later
Credit: security@qnapsecurity.com.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| QuRouter | <2.4.5.032 |
Remedy
We have already fixed the vulnerability in the following version: QuRouter 2.4.5.032 and later
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-50389?
CVE-2024-50389 is considered a high severity SQL injection vulnerability affecting QuRouter.
How do I fix CVE-2024-50389?
To fix CVE-2024-50389, upgrade to QuRouter version 2.4.5.032 or later.
What types of attacks can be executed by exploiting CVE-2024-50389?
Exploiting CVE-2024-50389 can allow remote attackers to execute arbitrary SQL queries against the database.
Is CVE-2024-50389 present in older versions of QuRouter?
Yes, CVE-2024-50389 is present in QuRouter versions prior to 2.4.5.032.
Has CVE-2024-50389 been officially patched?
Yes, CVE-2024-50389 has been officially patched in QuRouter version 2.4.5.032 and later.
- agent/remedy
- agent/weakness
- agent/title
- agent/references
- agent/description
- agent/type
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/severity
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/qurouter
- canonical/qurouter