PT-2021-4460 · Qnap · Qutscloud+2
Bingwei Peng
·
Published
2021-09-09
·
Updated
2022-02-10
·
CVE-2021-28816
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
QTS versions prior to 4.3.3.1693 build 20210624
QTS versions prior to 4.3.6.1750 build 20210730
QTS versions prior to 4.5.4.1715 build 20210630
QTS versions prior to 5.0.0.1716 build 20210701
QuTScloud versions prior to c4.5.6.1755
QuTS hero versions prior to h4.5.4.1771 build 20210825
Description
A stack buffer overflow issue affects QNAP devices running QTS, QuTScloud, QuTS hero, allowing attackers to execute arbitrary code if exploited.
Recommendations
For QTS versions prior to 4.3.3.1693 build 20210624, update to QTS 4.3.3.1693 build 20210624 or later.
For QTS versions prior to 4.3.6.1750 build 20210730, update to QTS 4.3.6.1750 build 20210730 or later.
For QTS versions prior to 4.5.4.1715 build 20210630, update to QTS 4.5.4.1715 build 20210630 or later.
For QTS versions prior to 5.0.0.1716 build 20210701, update to QTS 5.0.0.1716 build 20210701 or later.
For QuTScloud versions prior to c4.5.6.1755, update to QuTScloud c4.5.6.1755 or later.
For QuTS hero versions prior to h4.5.4.1771 build 20210825, update to QuTS hero h4.5.4.1771 build 20210825 or later.
Fix
Stack Overflow
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Qts
Quts Hero
Qutscloud