CVE-2021-34343
Buffer Overflow Vulnerability in QTS, QuTS hero, and QuTScloud
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QTS, QuTScloud, QuTS hero: QTS 4.5.4.1715 build 20210630 and later QTS 5.0.0.1716 build 20210701 and later QuTScloud c4.5.6.1755 and later QuTS hero h4.5.4.1771 build 20210825 and later
Se ha reportado de una vulnerabilidad de desbordamiento del búfer de la pila que afecta al dispositivo QNAP que ejecuta QTS, QuTScloud, QuTS hero. Si es explotado, esta vulnerabilidad permite a atacantes ejecutar código arbitrario. Ya hemos corregido esta vulnerabilidad en las siguientes versiones de QTS, QuTScloud, QuTS hero: QTS 4.5.4.1715 build 20210630 y posteriores QTS 5.0.0.1716 build 20210701 y posteriores QuTScloud c4.5.6.1755 y posteriores QuTS hero h4.5.4.1771 build 20210825 y posteriores
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-06-08 CVE Reserved
- 2021-09-10 CVE Published
- 2023-04-03 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://www.qnap.com/en/security-advisory/qsa-21-33 | 2022-02-10 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | < 4.3.3.1693 Search vendor "Qnap" for product "Qts" and version " < 4.3.3.1693" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | >= 4.3.4 < 4.3.6.1750 Search vendor "Qnap" for product "Qts" and version " >= 4.3.4 < 4.3.6.1750" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | >= 4.4.0 < 4.5.4.1715 Search vendor "Qnap" for product "Qts" and version " >= 4.4.0 < 4.5.4.1715" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | >= 5.0.0 < 5.0.0.1716 Search vendor "Qnap" for product "Qts" and version " >= 5.0.0 < 5.0.0.1716" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Quts Hero Search vendor "Qnap" for product "Quts Hero" | < h4.5.4.1771 Search vendor "Qnap" for product "Quts Hero" and version " < h4.5.4.1771" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qutscloud Search vendor "Qnap" for product "Qutscloud" | < c4.5.6.1755 Search vendor "Qnap" for product "Qutscloud" and version " < c4.5.6.1755" | - |
Affected
|