CVE-2023-45041
QTS, QuTS hero
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.1.4.2596 build 20231128 and later
QuTS hero h5.1.4.2596 build 20231128 and later
La vulnerabilidad de copia de búfer sin comprobar el tamaño de la entrada afecta a varias versiones del sistema operativo QNAP. Si se explota, la vulnerabilidad podría permitir a los administradores autenticados ejecutar código a través de una red. Ya hemos solucionado la vulnerabilidad en las siguientes versiones: QTS 5.1.4.2596 build 20231128 y posteriores QuTS hero h5.1.4.2596 build 20231128 y posteriores
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-10-03 CVE Reserved
- 2024-01-05 CVE Published
- 2024-01-11 EPSS Updated
- 2024-08-02 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
- CAPEC-100: Overflow Buffers
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://www.qnap.com/en/security-advisory/qsa-23-27 | 2024-01-10 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 5.1.0.2348 Search vendor "Qnap" for product "Qts" and version "5.1.0.2348" | build_20230325 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 5.1.0.2399 Search vendor "Qnap" for product "Qts" and version "5.1.0.2399" | build_20230515 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 5.1.0.2418 Search vendor "Qnap" for product "Qts" and version "5.1.0.2418" | build_20230603 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 5.1.0.2444 Search vendor "Qnap" for product "Qts" and version "5.1.0.2444" | build_20230629 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 5.1.0.2466 Search vendor "Qnap" for product "Qts" and version "5.1.0.2466" | build_20230721 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 5.1.1.2491 Search vendor "Qnap" for product "Qts" and version "5.1.1.2491" | build_20230815 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 5.1.2.2533 Search vendor "Qnap" for product "Qts" and version "5.1.2.2533" | build_20230926 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 5.1.3.2578 Search vendor "Qnap" for product "Qts" and version "5.1.3.2578" | build_20231110 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Quts Hero Search vendor "Qnap" for product "Quts Hero" | h5.1.0.2409 Search vendor "Qnap" for product "Quts Hero" and version "h5.1.0.2409" | build_20230525 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Quts Hero Search vendor "Qnap" for product "Quts Hero" | h5.1.0.2424 Search vendor "Qnap" for product "Quts Hero" and version "h5.1.0.2424" | build_20230609 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Quts Hero Search vendor "Qnap" for product "Quts Hero" | h5.1.0.2453 Search vendor "Qnap" for product "Quts Hero" and version "h5.1.0.2453" | build_20230708 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Quts Hero Search vendor "Qnap" for product "Quts Hero" | h5.1.0.2466 Search vendor "Qnap" for product "Quts Hero" and version "h5.1.0.2466" | build_20230721 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Quts Hero Search vendor "Qnap" for product "Quts Hero" | h5.1.1.2488 Search vendor "Qnap" for product "Quts Hero" and version "h5.1.1.2488" | build_20230812 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Quts Hero Search vendor "Qnap" for product "Quts Hero" | h5.1.2.2534 Search vendor "Qnap" for product "Quts Hero" and version "h5.1.2.2534" | build_20230927 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Quts Hero Search vendor "Qnap" for product "Quts Hero" | h5.1.3.2578 Search vendor "Qnap" for product "Quts Hero" and version "h5.1.3.2578" | build_20231110 |
Affected
|