CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-48866

An improper handling of URL encoding (Hex Encoding) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to run the system into unexpected state. We have already fixed the vulnerability in the following versions: QTS 5.1.9.2954 build 20241120 and later QTS 5.2.2.2950 build 20241114 and later QuTS hero h5.1.9.2954 build 20241120 and later QuTS hero h5.2.2.2952 build 20241116 and later

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.5%

CVSS Severity

CVSS v3 Score 5.3

References

https://www.qnap.com/en/security-advisory/qsa-24-49

Products affected by CVE-2024-48866

Qnap » Qts » Version: 5.1.0.2348

cpe:2.3:o:qnap:qts:5.1.0.2348
Qnap » Qts » Version: 5.1.0.2399

cpe:2.3:o:qnap:qts:5.1.0.2399
Qnap » Qts » Version: 5.1.0.2418

cpe:2.3:o:qnap:qts:5.1.0.2418
Qnap » Qts » Version: 5.1.0.2444

cpe:2.3:o:qnap:qts:5.1.0.2444
Qnap » Qts » Version: 5.1.0.2466

cpe:2.3:o:qnap:qts:5.1.0.2466
Qnap » Qts » Version: 5.1.1.2491

cpe:2.3:o:qnap:qts:5.1.1.2491
Qnap » Qts » Version: 5.1.2.2533

cpe:2.3:o:qnap:qts:5.1.2.2533
Qnap » Qts » Version: 5.1.3.2578

cpe:2.3:o:qnap:qts:5.1.3.2578
Qnap » Qts » Version: 5.1.4.2596

cpe:2.3:o:qnap:qts:5.1.4.2596
Qnap » Qts » Version: 5.1.5.2645

cpe:2.3:o:qnap:qts:5.1.5.2645
Qnap » Qts » Version: 5.1.5.2679

cpe:2.3:o:qnap:qts:5.1.5.2679
Qnap » Qts » Version: 5.1.6.2722

cpe:2.3:o:qnap:qts:5.1.6.2722
Qnap » Qts » Version: 5.1.7.2770

cpe:2.3:o:qnap:qts:5.1.7.2770
Qnap » Qts » Version: 5.1.8.2823

cpe:2.3:o:qnap:qts:5.1.8.2823
Qnap » Qts » Version: 5.2.0.2737

cpe:2.3:o:qnap:qts:5.2.0.2737
Qnap » Qts » Version: 5.2.0.2744

cpe:2.3:o:qnap:qts:5.2.0.2744
Qnap » Qts » Version: 5.2.0.2782

cpe:2.3:o:qnap:qts:5.2.0.2782
Qnap » Qts » Version: 5.2.0.2802

cpe:2.3:o:qnap:qts:5.2.0.2802
Qnap » Qts » Version: 5.2.0.2823

cpe:2.3:o:qnap:qts:5.2.0.2823
Qnap » Qts » Version: 5.2.0.2851

cpe:2.3:o:qnap:qts:5.2.0.2851
Qnap » Qts » Version: 5.2.0.2860

cpe:2.3:o:qnap:qts:5.2.0.2860
Qnap » Qts » Version: 5.2.1.2930

cpe:2.3:o:qnap:qts:5.2.1.2930
Qnap » Quts Hero » Version: h5.1.0.2409

cpe:2.3:o:qnap:quts_hero:h5.1.0.2409
Qnap » Quts Hero » Version: h5.1.0.2424

cpe:2.3:o:qnap:quts_hero:h5.1.0.2424
Qnap » Quts Hero » Version: h5.1.0.2453

cpe:2.3:o:qnap:quts_hero:h5.1.0.2453
Qnap » Quts Hero » Version: h5.1.0.2466

cpe:2.3:o:qnap:quts_hero:h5.1.0.2466
Qnap » Quts Hero » Version: h5.1.1.2488

cpe:2.3:o:qnap:quts_hero:h5.1.1.2488
Qnap » Quts Hero » Version: h5.1.2.2534

cpe:2.3:o:qnap:quts_hero:h5.1.2.2534
Qnap » Quts Hero » Version: h5.1.3.2578

cpe:2.3:o:qnap:quts_hero:h5.1.3.2578
Qnap » Quts Hero » Version: h5.1.4.2596

cpe:2.3:o:qnap:quts_hero:h5.1.4.2596
Qnap » Quts Hero » Version: h5.1.5.2647

cpe:2.3:o:qnap:quts_hero:h5.1.5.2647
Qnap » Quts Hero » Version: h5.1.5.2680

cpe:2.3:o:qnap:quts_hero:h5.1.5.2680
Qnap » Quts Hero » Version: h5.1.6.2734

cpe:2.3:o:qnap:quts_hero:h5.1.6.2734
Qnap » Quts Hero » Version: h5.1.7.2770

cpe:2.3:o:qnap:quts_hero:h5.1.7.2770
Qnap » Quts Hero » Version: h5.1.7.2788

cpe:2.3:o:qnap:quts_hero:h5.1.7.2788
Qnap » Quts Hero » Version: h5.1.7.2794

cpe:2.3:o:qnap:quts_hero:h5.1.7.2794
Qnap » Quts Hero » Version: h5.1.8.2823

cpe:2.3:o:qnap:quts_hero:h5.1.8.2823
Qnap » Quts Hero » Version: h5.2.0.2737

cpe:2.3:o:qnap:quts_hero:h5.2.0.2737
Qnap » Quts Hero » Version: h5.2.0.2782

cpe:2.3:o:qnap:quts_hero:h5.2.0.2782
Qnap » Quts Hero » Version: h5.2.0.2789

cpe:2.3:o:qnap:quts_hero:h5.2.0.2789
Qnap » Quts Hero » Version: h5.2.0.2802

cpe:2.3:o:qnap:quts_hero:h5.2.0.2802
Qnap » Quts Hero » Version: h5.2.0.2823

cpe:2.3:o:qnap:quts_hero:h5.2.0.2823
Qnap » Quts Hero » Version: h5.2.0.2851

cpe:2.3:o:qnap:quts_hero:h5.2.0.2851
Qnap » Quts Hero » Version: h5.2.0.2860

cpe:2.3:o:qnap:quts_hero:h5.2.0.2860
Qnap » Quts Hero » Version: h5.2.1.2929

cpe:2.3:o:qnap:quts_hero:h5.2.1.2929
Qnap » Quts Hero » Version: h5.2.1.2940

cpe:2.3:o:qnap:quts_hero:h5.2.1.2940

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-48866

Products

Pricing

Contact Us