CVE-2024-50389

Name of the Vulnerable Software and Affected Versions QuRouter versions prior to 2.4.5.032

Description A SQL injection vulnerability has been reported to affect QuRouter, allowing remote attackers to inject malicious code if exploited. The vulnerability is related to errors in processing input data, which could enable a remote attacker to execute arbitrary code. The issue was exploited during the Pwn2Own hacking contest, indicating real-world exploitation.

Recommendations For QuRouter versions prior to 2.4.5.032, update to version 2.4.5.032 or later to prevent remote attacks injecting malicious code. As a temporary workaround, consider restricting access to vulnerable components until a patch is applied.