Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2024/10/16 12:0 a.m.13 views

Qnap QTS Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2017-17033)

A buffer overflow vulnerability in password function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 Beta 2 build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices. This plugin only works with Tenable.ot. Please visit...

9.8CVSS9.2AI score0.04439EPSS
Exploits2References3
CVE
CVE
added 2017/12/21 3:0 p.m.75 views

CVE-2017-17033

QNAP QTS CVE-2017-17033 is a stack-based buffer overflow in the password handling of QTS web interfaces (authLogin.cgi/sysinfoReq.cgi). The root cause is lack of bounds checking when the lang parameter is processed in handle_qpkg(), allowing an attacker to overflow a fixed-size stack buffer and e...

9.8CVSS9.9AI score0.04439EPSS
Exploits2References2Affected Software1
seebug.org
seebug.org
added 2017/12/15 12:0 a.m.80 views

QNAP QTS Unauthenticated Remote Code Execution(CVE-2017-17033)

Vulnerability Summary The following advisory describes a memory corruption vulnerability that can lead to an unauthenticated remote code execution in QNAP QTS versions 4.3.x and 4.2.x, including the 4.3.3.0299. QNAP Systems, Inc. “specializes in providing networked solutions for file sharing,...

10AI score0.04439EPSS
Exploits2
OpenVAS
OpenVAS
added 2017/12/13 12:0 a.m.167 views

QNAP QTS < 4.2.6 build 20171208, 4.3.3.x < 4.3.3.0396 build 20171205, 4.3.4.x < 4.3.4.0411 build 20171208 Multiple Vulnerabilities

QNAP QTS is vulnerable to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts"; ifdescription...

9.8CVSS8.4AI score0.21408EPSS
Exploits2References4
Rows per page
Query Builder