CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2024-50388 – HBS 3 Hybrid Backup Sync
https://notcve.org/view.php?id=CVE-2024-50388
06 Dec 2024 — An OS command injection vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to execute commands. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.1.673 and later An OS command injection vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to execute commands. We have already fixed the vulnerability in the follo... • https://www.qnap.com/en/security-advisory/qsa-24-41 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •