CVE-2023-32968

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Dec 8, 2023

Updated: Dec 13, 2023

CWE ID 120

Summary

CVE-2023-32968 is a recently discovered buffer copy vulnerability that affects several QNAP operating system versions. Authenticated administrators can exploit this issue by supplying excessively large input without proper checks. The consequence of this vulnerability could be the execution of arbitrary code via a network. QNAP has addressed this vulnerability in QTS 5.0.1.2514 and later, QTS 5.1.2.2533 and later, QuTS hero h5.0.1.2515 and later, and QuTS hero h5.1.2.2534 and later.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

QNAP QTS

Affected Vendors

QNAP Systems

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tvHyOI
https://www.cve.org/CVERecord?id=CVE-2023-32968
https://nvd.nist.gov/vuln/detail/CVE-2023-32968

Back to Vulnerability Database