Rewterz

Multiple Microsoft Windows Vulnerabilities

November 26, 2024
Rewterz

Multiple WordPress Plugins Vulnerabilities

November 27, 2024

Multiple QNAP Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2024-38643 CVSS:9.3

A missing authentication for critical function vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow remote attackers to gain access to and execute certain functions.

CVE-2024-38644 CVSS:8.7

An OS command injection vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow remote authenticated attackers to execute commands.

CVE-2024-38645 CVSS:9.4

A server-side request forgery (SSRF) vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow remote authenticated attackers to read application data.

CVE-2024-38646 CVSS:8.4

An incorrect permission assignment for critical resource vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow local authenticated attackers who have gained administrator access to read or modify the resource.

CVE-2024-50396 CVSS:7.7

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to obtain secret data or modify memory.

CVE-2024-50397 CVSS:7.7

A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory.

Impact

  • Gain Access

Indicators of Compromise

CVE

  • CVE-2024-38643
  • CVE-2024-38644
  • CVE-2024-38645
  • CVE-2024-38646
  • CVE-2024-50396
  • CVE-2024-50397

Affected Vendors

QNAP

Affected Products

  • Notes Station 3 version 3.9.x
  • QTS 5.2.x
  • QuTS hero h5.2.x

Remediation

Refer to QNAP Security Advisory for patch, upgrade or suggested workaround information.

CVE-2024-38643

CVE-2024-38644 

CVE-2024-38645

CVE-2024-38646

CVE-2024-50396

CVE-2024-50397

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.