A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.0.1.2514 build 20230906 and later
QTS 5.1.2.2533 build 20230926 and later
QuTS hero h5.0.1.2515 build 20230907 and later
QuTS hero h5.1.2.2534 build 20230927 and later
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.qnap.com/en/security-advisory/qsa-23-07 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: qnap
Published: 2023-12-08T16:07:05.465Z
Updated: 2024-08-02T15:32:46.334Z
Reserved: 2023-05-16T10:44:49.056Z
Link: CVE-2023-32975
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-12-08T16:15:16.153
Modified: 2023-12-13T16:14:16.973
Link: CVE-2023-32975
Redhat
No data.