HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2024-50394

CVSS 7.7v4.0pub. 2025-03-07upd. 2026-01-22

An improper certificate validation vulnerability has been reported to affect Helpdesk. If exploited, the vulnerability could allow remote attackers to compromise the security of the system. We have already fixed the vulnerability in the following version: Helpdesk 3.3.3 and later

CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Qnap Helpdesk

    APP
    Qnap
    3.3.1 – 3.3.3 (bez)
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2020-2507CRITICAL9.8ten sam produkt

The vulnerability have been reported to affect earlier versions of QTS. If exploited, this command injection v...

CVE-2020-2500CRITICAL9.8ten sam produkt

This improper access control vulnerability in Helpdesk allows attackers to get control of QNAP Kayako service....

CVE-2018-0714CRITICAL9.8ten sam produkt

Command injection vulnerability in Helpdesk versions 1.1.21 and earlier in QNAP QTS 4.2.6 build 20180531, QTS ...

CVE-2020-2506HIGH7.3⚠ KEVten sam produkt

The vulnerability have been reported to affect earlier versions of QTS. If exploited, this improper access con...

CVE-2021-28814HIGH8.8ten sam produkt

An improper access control vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerabilit...