CVE-2024-50387
published 2024-12-06

Priority: P2 · 68 · critical · 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 10.05% (95.0th percentile)

A SQL injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to inject malicious code. We have already fixed the vulnerability in the following version:

  • SMB Service 4.15.002 and later
  • SMB Service h4.15.002 and later

Affected

4 ranges
Vendor | Product | Version range | Fixed in
qnap | smb_service | |
qnap | smb_service | |
qnap_systems_inc | smb_service | >= 4.15.x < 4.15.002 | 4.15.002
qnap_systems_inc | smb_service | >= h4.15.x < h4.15.002 | h4.15.002

Detection & IOCs (extracted from sources)

  • CVE-2024-50387 is a SQL injection vulnerability in QNAP SMB Service; exploitation at Pwn2Own resulted in a root shell on a QNAP TS-464 NAS device — monitor for unexpected root-level process spawning from SMB Service processes
  • Successful exploitation yields a root shell on the target NAS device — alert on root shell acquisition originating from SMB Service on QNAP devices
  • Target device is QNAP TS-464 NAS; prioritize detection and patching on this model running unpatched SMB Service versions below 4.15.002 / h4.15.002
  • Vulnerability is fixed in SMB Service 4.15.002 and later, and h4.15.002 and later; any QNAP device running an older SMB Service version remains vulnerable to remote SQL injection leading to root compromise
  • QNAP NAS devices are frequently targeted for ransomware and data theft; unpatched internet-exposed devices running vulnerable SMB Service versions are at elevated risk

CVSS provenance

nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd | v4.0 | 10.0 | CRITICAL | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X