Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2024/10/16 12:0 a.m.12 views

Qnap QTS Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2017-17030)

A buffer overflow vulnerability in login function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 Beta 2 build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices. This plugin only works with Tenable.ot. Please visit...

9.8CVSS8.9AI score0.03284EPSS
Exploits1References3
seebug.org
seebug.org
added 2017/12/26 12:0 a.m.927 views

Pre-auth Remote Code Execution exploit for QNAP QTS

!/usr/bin/env python -- coding: iso-8859-15 -- Pre-auth Remote Code Execution exploit for QNAP QTS 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 Beta 2 build 2017111 Just a quick dirty RCE PoC to make your QNAP sing "XMAS" in morse. Author: Andrea Palazzo @cogitoergor00t E-mail:...

7.5CVSS0.04439EPSS
Exploits2
CVE
CVE
added 2017/12/21 3:0 p.m.59 views

CVE-2017-17030

CVE-2017-17030 is a buffer overflow in QNAP QTS login/authLogin.cgi that can allow remote code execution. Affected: QTS 4.2.6 (build 20171026), 4.3.3.0378 (build 20171117), 4.3.4.0387 (Beta 2, build 20171116) and earlier. Root cause: improper handling during parsing of the Host header leading to ...

9.8CVSS9.9AI score0.03284EPSS
Exploits1References2Affected Software1
OpenVAS
OpenVAS
added 2017/12/13 12:0 a.m.167 views

QNAP QTS < 4.2.6 build 20171208, 4.3.3.x < 4.3.3.0396 build 20171205, 4.3.4.x < 4.3.4.0411 build 20171208 Multiple Vulnerabilities

QNAP QTS is vulnerable to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts"; ifdescription...

9.8CVSS8.4AI score0.21408EPSS
Exploits2References4
Rows per page
Query Builder