4 matches found
QNAP Remote Code Execution
QNAP proof of concept stack overflow remote code execution exploit. This has been addressed in versions QTS 5.1.7.2770 build 20240520, hero h5.1.7.2770 build 20240520 and above...
QNAP QTS curl Vulnerability (QSA-24-27)
QNAP QTS is prone to a heap buffer overflow vulnerability in curl. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts";...
Vulnerabilities fixed in QNAP QTS and QTS Hero
QNAP has fixed vulnerabilities in QTS and QTS Hero. A malicious person could exploit the vulnerabilities to execute arbitrary code on the vulnerable system. For successful abuse, the malicious party must be authorized. QNAP has released updates to fix the vulnerabilities in QTS and QTS Hero...
CVE-2024-27127
A double free vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute arbitrary code via a network. We have already fixed the vulnerability in the following version: QTS 5.1.7.2770 build 20240520...