PT-2021-17922 · Qnap · Surveillance Station
Published
2021-04-13
·
Updated
2021-04-21
·
CVE-2021-28797
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Surveillance Station versions prior to 5.1.5.4.3 for ARM CPU NAS (64bit OS) and x86 CPU NAS (64bit OS)
Surveillance Station versions prior to 5.1.5.3.3 for ARM CPU NAS (32bit OS) and x86 CPU NAS (32bit OS)
Description:
A stack-based buffer overflow issue has been identified, allowing attackers to execute arbitrary code. This issue affects QNAP NAS devices running Surveillance Station.
Recommendations:
For Surveillance Station versions prior to 5.1.5.4.3 on ARM CPU NAS (64bit OS) and x86 CPU NAS (64bit OS), update to version 5.1.5.4.3 or later.
For Surveillance Station versions prior to 5.1.5.3.3 on ARM CPU NAS (32bit OS) and x86 CPU NAS (32bit OS), update to version 5.1.5.3.3 or later.
Fix
Memory Corruption
Stack Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Surveillance Station