Qnap Security Advisory QSA-24-45 on Resolved Vulnerability in QuRouter (PWN2OWN 2024)
Concerning QuRouter V.2.4.x
This is a Press Release edited by StorageNewsletter.com on November 7, 2024 at 2:00 pmQnap Systems, Inc. had published a security advisory concerning a resolved vulnerability in QuRouter.
Release date: November 4, 2024
Security ID: QSA-24-45
CVE identifier: CVE-2024-50389
Affected products: QuRouter 2.4.x
Severity: Critical
Status: Resolved
Summary
A vulnerability has been reported to affect QuRouter.
The company have already fixed vulnerability in following QuRouter version:
Affected product |
Fixed version |
QuRouter 2.4.x |
QuRouter 2.4.5.032 and later |
Recommendation
For optimal security and performance, we recommend regularly updating QuRouter to the latest version, ensuring you receive all vulnerability fixes and new features. You can view the product support status to check for the latest updates available for your model.
Updating QuRouter
-
Log in to QuRouter.
-
Go to Firmware.
-
Select Update now.
-
Select Latest.
-
Click Apply.
A confirmation message appears. -
Click Apply.
QuRouter downloads and installs the latest firmware.
Tip: You can also download the latest firmware for your specific device from Download Center, and then perform a manual update in QuRouter by going to Firmware > Manual Update.
Acknowledgements: Pwn2Own 2024 – Viettel Cyber Security
Revision History:
V1.0 (November 4, 2024) – Published