Описание
Buffer Overflow vulnerability in NAS devices. QTS allows attackers to run arbitrary code. This issue affects: QNAP Systems Inc. QTS version 4.2.6 and prior versions on build 20180711; version 4.3.3 and prior versions on build 20180725; version 4.3.4 and prior versions on build 20180710.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:qnap:qts:4.2.6:*:*:*:*:*:*:*
cpe:2.3:o:qnap:qts:4.3.3:*:*:*:*:*:*:*
cpe:2.3:o:qnap:qts:4.3.4:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.01264
Низкий
7.7 High
CVSS3
10 Critical
CVSS2
Дефекты
CWE-120
CWE-119
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
Buffer Overflow vulnerability in NAS devices. QTS allows attackers to run arbitrary code. This issue affects: QNAP Systems Inc. QTS version 4.2.6 and prior versions on build 20180711; version 4.3.3 and prior versions on build 20180725; version 4.3.4 and prior versions on build 20180710.
EPSS
Процентиль: 79%
0.01264
Низкий
7.7 High
CVSS3
10 Critical
CVSS2
Дефекты
CWE-120
CWE-119