Lucene search
QnapCVELIST:CVE-2024-32763HistorySep 06, 2024 - 4:27 p.m.
CVE-2024-32763 QTS, QuTS hero
2024-09-0616:27:41
CWE-122
CWE-120
qnap
www.cve.org
2
cve-2024-32763
qts
quts hero
buffer copy
vulnerability
qnap operating system
authenticated users
code execution
network
fixed
versions
CVSS4
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/SC:N/VI:L/SI:L/VA:N/SA:N
EPSS
0
Percentile
9.5%
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute code via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.1.8.2823 build 20240712 and later
QuTS hero h5.1.8.2823 build 20240712 and later
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "QTS",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "5.1.8.2823 build 20240712",
"status": "affected",
"version": "5.1.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "QuTS hero",
"vendor": "QNAP Systems Inc.",
"versions": [
{
"lessThan": "h5.1.8.2823 build 20240712",
"status": "affected",
"version": "h5.1.x",
"versionType": "custom"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2024-32763 QTS, QuTS hero
2024-09-06 16:27:41
nvd
nvd
CVE-2024-32763
2024-09-06 17:15:15
cve
cve
CVE-2024-32763
2024-09-06 17:15:15
openvas
openvas
QNAP QuTS hero Multiple Vulnerabilities (QSA-24-33)
2024-09-10 00:00:00
QNAP QTS Multiple Vulnerabilities (QSA-24-33)
2024-09-10 00:00:00
CVSS4
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/SC:N/VI:L/SI:L/VA:N/SA:N
EPSS
0
Percentile
9.5%
Related for CVELIST:CVE-2024-32763