Описание
A stack buffer overflow vulnerability has been reported to affect QNAP device running NVR Storage Expansion. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of NVR Storage Expansion: NVR Storage Expansion 1.0.6 ( 2021/08/03 ) and later
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.0.6 (исключая)
Одновременно
cpe:2.3:o:qnap:nvr_storage_expansion_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:qnap:nvr_storage_expansion:-:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00723
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-787
CWE-787
Связанные уязвимости
github
больше 3 лет назад
A stack buffer overflow vulnerability has been reported to affect QNAP device running NVR Storage Expansion. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of NVR Storage Expansion: NVR Storage Expansion 1.0.6 ( 2021/08/03 ) and later
EPSS
Процентиль: 72%
0.00723
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-787
CWE-787