5 matches found
Qnap QTS Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2017-17027)
A buffer overflow vulnerability in FTP service in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 Beta 2 build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices. This plugin only works with Tenable.ot. Please visit...
CVE-2017-17027
creationtimestamp| type| source ---|---|--- 2018-05-24 15:44:33+00:00| seen| MISP/5b06d57d-f2b8-4357-9038-45d39f590eb0...
Pre-auth Remote Code Execution exploit for QNAP QTS
!/usr/bin/env python -- coding: iso-8859-15 -- Pre-auth Remote Code Execution exploit for QNAP QTS 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 Beta 2 build 2017111 Just a quick dirty RCE PoC to make your QNAP sing "XMAS" in morse. Author: Andrea Palazzo @cogitoergor00t E-mail:...
CVE-2017-17027
CVE-2017-17027 affects QNAP QTS NASFTPD: a stack-based buffer overflow in the FTP service allows remote code execution. Affected are QTS versions 4.2.6 (build 20171026), 4.3.3.0378 (build 20171117), 4.3.4.0387 Beta2 (build 20171116) and earlier. Root cause per ZDI involves improper validation dur...
QNAP QTS < 4.2.6 build 20171208, 4.3.3.x < 4.3.3.0396 build 20171205, 4.3.4.x < 4.3.4.0411 build 20171208 Multiple Vulnerabilities
QNAP QTS is vulnerable to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts"; ifdescription...