CVE-2024-53700: QHora
First published: Fri Mar 07 2025(Updated: )
A command injection vulnerability has been reported to affect QHora. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands. We have already fixed the vulnerability in the following version: QuRouter 2.4.6.028 and later
Credit: security@qnapsecurity.com.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| QuRouter | <2.4.6.028 |
Remedy
We have already fixed the vulnerability in the following version: QuRouter 2.4.6.028 and later
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-53700?
CVE-2024-53700 is considered a high-severity vulnerability due to its potential for allowing remote command execution.
How do I fix CVE-2024-53700?
To fix CVE-2024-53700, update QHora QuRouter to version 2.4.6.028 or later.
Who is affected by CVE-2024-53700?
CVE-2024-53700 affects users of QHora QuRouter versions prior to 2.4.6.028.
What type of vulnerability is CVE-2024-53700?
CVE-2024-53700 is a command injection vulnerability.
Can CVE-2024-53700 be exploited remotely?
Yes, CVE-2024-53700 can be exploited remotely by attackers who have gained administrator access.
- agent/references
- agent/weakness
- agent/title
- agent/remedy
- agent/type
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/author
- agent/severity
- agent/source
- agent/event
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/qhora
- canonical/qurouter