PT-2023-7547 · Qnap · Qts
H4Lo
·
Publicado
2023-09-21
·
Atualizado
2023-09-26
·
CVE-2023-23363
CVSS v2.0
10
Crítica
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
QTS versions prior to 4.2.6 build 20230621
QTS versions prior to 4.3.3.2420 build 20230621
QTS versions prior to 4.3.4.2451 build 20230621
QTS versions prior to 4.3.6.2441 build 20230621
Description
The issue is related to a buffer copy without checking the size of the input, which can allow remote users to execute code via unspecified vectors. This can be exploited by a remote attacker to execute arbitrary code.
Recommendations
For QTS versions prior to 4.2.6 build 20230621, update to QTS 4.2.6 build 20230621 or later.
For QTS versions prior to 4.3.3.2420 build 20230621, update to QTS 4.3.3.2420 build 20230621 or later.
For QTS versions prior to 4.3.4.2451 build 20230621, update to QTS 4.3.4.2451 build 20230621 or later.
For QTS versions prior to 4.3.6.2441 build 20230621, update to QTS 4.3.6.2441 build 20230621 or later.
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Qts