CVE-2021-34343 Buffer Overflow Vulnerability in QTS, QuTS hero, and QuTScloud

🗓️ 10 Sep 2021 04:00:23Reported by qnapType

Buffer Overflow Vulnerability in QNAP Device

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the QuTS hero, QTS, and QuTScloud operating systems is caused by buffer overflow in the stack, allowing attackers to execute arbitrary code.	21 Oct 202100:00	–	bdu_fstec
CNNVD	QNAP NAS 缓冲区错误漏洞	9 Sep 202100:00	–	cnnvd
CVE	CVE-2021-34343	10 Sep 202104:00	–	cve
EUVD	EUVD-2021-21003	7 Oct 202500:30	–	euvd
NCSC	Vulnerabilities fixed in QNAP nas	15 Sep 202100:00	–	ncsc
NVD	CVE-2021-34343	10 Sep 202104:15	–	nvd
OpenVAS	QNAP QTS Buffer Overflow Vulnerabilities (QSA-21-33)	13 Sep 202100:00	–	openvas
OSV	CVE-2021-34343	10 Sep 202104:15	–	osv
Prion	Stack overflow	10 Sep 202104:15	–	prion
Tenable Nessus	QNAP QTS / QuTS hero Multiple Buffer Overflow Vulnerabilities (QSA-21-33)	7 Apr 202200:00	–	nessus

[
  {
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "4.5.4.1715 build 20210630",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "5.0.0.1716 build 20210701",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "QuTScloud",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "c4.5.6.1755",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "QuTS hero",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "h4.5.4.1771 build 20210825",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
qnap	www.qnap.com/en/security-advisory/qsa-21-33

10 Sep 2021 04:00Current

8.5High risk

Vulners AI Score8.5

CVSS 3.16

EPSS0.01888

CWE-787