EUVD-2023-49360

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Buffer copy vulnerability in QNAP systems allows code execution by authenticated admins remotely.

Reporter	Title	Published	Views	Family All 13
Circl	CVE-2023-45039	24 Jan 202414:47	–	circl
CNNVD	QNAP Systems QTS and QuTS hero security vulnerabilities	5 Jan 202400:00	–	cnnvd
CVE	CVE-2023-45039	5 Jan 202416:18	–	cve
Cvelist	CVE-2023-45039 QTS, QuTS hero	5 Jan 202416:18	–	cvelist
NVD	CVE-2023-45039	5 Jan 202417:15	–	nvd
OpenVAS	QNAP QTS Multiple Vulnerabilities (QSA-23-27)	9 Jan 202400:00	–	openvas
OpenVAS	QNAP QuTS hero Multiple Vulnerabilities (QSA-23-27)	9 Jan 202400:00	–	openvas
Prion	Input validation	5 Jan 202417:15	–	prion
Positive Technologies	PT-2023-9127 · Qnap · Qnap Qts +1	3 Oct 202300:00	–	ptsecurity
Tenable Nessus	QNAP QTS / QuTS hero Multiple Vulnerabilities in QTS and QuTS hero (QSA-23-27)	8 Jan 202400:00	–	nessus

[
  {
    "enisaIdVendor": [
      {
        "id": "45ec773b-dcec-379f-9e0f-fcebf136b560",
        "vendor": {
          "name": "QNAP Systems Inc."
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "124c9288-2465-38b7-8f51-5ee671e7b227",
        "product": {
          "name": "QTS"
        },
        "product_version": "5.1.x <5.1.4.2596 build 20231128"
      },
      {
        "id": "7d760be4-cafc-3dd4-b005-e539ba85199d",
        "product": {
          "name": "QuTS hero"
        },
        "product_version": "h5.1.x <h5.1.4.2596 build 20231128"
      }
    ]
  }
]

Source	Link
qnap	www.qnap.com/en/security-advisory/qsa-23-27

03 Oct 2025 20:07Current

6.9Medium risk

Vulners AI Score6.9

CVSS 3.13.8 - 7.2

EPSS0.00081

SSVC