CVE-2024-21906

MEDIUM Year: 2024
CVSS v3 Score
4.7
Medium
Weakness Type
CWE-78
View all →

Vulnerability Description

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.8.2823 build 20240712 and later QuTS hero h5.1.8.2823 build 20240712 and later

Related Vulnerabilities

CVE-2016-1141

MEDIUM
CVSS:4.7(Medium)

KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS commands via unspecified vectors.

CWE-782016

CVE-2023-6795

MEDIUM
CVSS:4.7(Medium)

An OS command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to disrupt system processes and potentially execute arbitrary code with limited privi...

CWE-782023

CVE-2024-4255

MEDIUM
CVSS:4.7(Medium)

A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC up to 20240419. This issue affects some unknown processing of the file /view/network Config/GRE/gre_edit_commit.php. ...

CWE-782024

CVE-2024-4501

MEDIUM
CVSS:4.7(Medium)

A vulnerability was found in Ruijie RG-UAC up to 20240428. It has been rated as critical. This issue affects some unknown processing of the file /view/bugSolve/captureData/commit.php. The manipulation...

CWE-782024

CVE-2024-4502

MEDIUM
CVSS:4.7(Medium)

A vulnerability classified as critical has been found in Ruijie RG-UAC up to 20240428. Affected is an unknown function of the file /view/dhcp/dhcpClient/dhcp_client_commit.php. The manipulation of the...

CWE-782024

CVE-2024-4503

MEDIUM
CVSS:4.7(Medium)

A vulnerability classified as critical was found in Ruijie RG-UAC up to 20240428. Affected by this vulnerability is an unknown functionality of the file /view/dhcp/dhcpConfig/dhcp_relay_commit.php. Th...

CWE-782024