- Description
- A SQL injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to inject malicious code. We have already fixed the vulnerability in the following version: SMB Service 4.15.002 and later SMB Service h4.15.002 and later
- Source
- security@qnapsecurity.com.tw
- NVD status
- Received
CVSS 4.0
- Type
- Secondary
- Base score
- 10
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- CRITICAL
- security@qnapsecurity.com.tw
- CWE-89
- Hype score
- Not currently trending
[CVE-2024-50387: CRITICAL] SQL injection vulnerability in QNAP OS versions may allow remote code injection. Update to avoid risks in SMB Service 4.15.002+ and h4.15.002+.#cybersecurity,#vulnerability https://t.co/oAedQGFaw6 https://t.co/XItxNtz3Bc
@CveFindCom
6 Dec 2024
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-50387 A SQL injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to inje⦠https://t.co/2uhwCn8Fuy
@CVEnew
6 Dec 2024
247 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-50387
@transilienceai
12 Nov 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-50387
@transilienceai
11 Nov 2024
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
ππππ πππππ‘ππ¬ ππππ¨π§π πππ«π¨-πππ² ππ±π©π₯π¨π’π π’π§ ππ°π§πππ°π§ QNAP has released security patches for a second zero-day bug exploited at Pwn2Own hacking contest last week. The company fixed a critical SQL injection vulnerability (CVE-2024-50387) in itsβ¦
@TechBuzzRecap
2 Nov 2024
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
proficioinc RT: QNAP patches second zero-day (CVE-2024-50387) exploited at Pwn2Own to get root via @BleepinComputer #Proficio #ThreatNews #Cybersecurity #MSSP #MDR https://t.co/tkvhKfpoAc β Proficio (@proficioinc) Nov 2, 2024
@DMFezzaReed
2 Nov 2024
94 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
QNAP patches second zero-day (CVE-2024-50387) exploited at Pwn2Own to get root via @BleepinComputer #Proficio #ThreatNews #Cybersecurity #MSSP #MDR https://t.co/jIx6XRfCXx
@proficioinc
2 Nov 2024
79 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
QNAP has released security patches for a second zero-day bug exploited by security researchers during last week's Pwn2Own hacking contest. This critical SQL injection (SQLi) vulnerability, tracked as CVE-2024-50387. https://t.co/IoN4vWeUYa https://t.co/MOWyzqVcyQ
@riskigy
1 Nov 2024
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-50387,CVE-2024-50388 alert π¨ QNAP: SQL injection and command injection The vulnerability is actively exploited in the wild and has been integrated into Patrowl. Our customers assets are protected. π¦ #CyberSecurity #InfoSec #QNAP https://t.co/csBn1ikdir
@Patrowl_io
31 Oct 2024
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
This critical SQL injection (SQLi) vulnerability, tracked as CVE-2024-50387, was found in QNAP's SMB Service and is now fixed in versions 4.15.002 or later and h4.15.002 and later. https://t.co/jXoxgS8WQP
@jbhall56
31 Oct 2024
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Threat Alert: QNAP Patches Critical Zero-Day Exploited at Pwn2Own Ireland 2024 - CVE-2024-5038 CVE-2024-50388 CVE-2024-50387 Severity: β οΈ Critical Maturity: 𧨠Trending Learn more: https://t.co/gif42IcLZ7 #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
31 Oct 2024
61 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Discover the details of a thrilling exploit at #Pwn2Own Ireland 2024. Learn about the CVE-2024-50387 vulnerability and how it allowed hackers to gain control of a #QNAP TS-464 NAS device. https://t.co/94pjTFTL5T
@the_yellow_fall
30 Oct 2024
109 Impressions
2 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes