We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2021-34343

Buffer Overflow Vulnerability in QTS, QuTS hero, and QuTScloud



Assignerqnap
Reserved2021-06-08
Published2021-09-10
Updated2024-09-16

Description

A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QTS, QuTScloud, QuTS hero: QTS 4.5.4.1715 build 20210630 and later QTS 5.0.0.1716 build 20210701 and later QuTScloud c4.5.6.1755 and later QuTS hero h4.5.4.1771 build 20210825 and later



MEDIUM: 6.0CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H

Product status

Any version before 4.5.4.1715 build 20210630
affected

Any version before 5.0.0.1716 build 20210701
affected

Any version before c4.5.6.1755
affected

Any version before h4.5.4.1771 build 20210825
affected

Credits

Bingwei Peng of VARAS@IIE

References

https://www.qnap.com/en/security-advisory/qsa-21-33

cve.org CVE-2021-34343

nvd.nist.gov CVE-2021-34343

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2021-34343
Support options

Helpdesk Telegram

Subscribe to our newsletter to learn more about our work.

© Copyright 2024 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.