CVE-2023-45035

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Feb 2, 2024

Updated: Feb 8, 2024

CWE ID 120

Summary

CVE-2023-45035 is a buffer copy vulnerability that affects several versions of QNAP operating systems. This issue allows authenticated administrators to execute code over a network if exploited. Specifically, the vulnerability occurs due to a failure to check the size of input data during a copy operation. The affected versions include QTS 5.1.4.2596, QuTS hero h5.1.4.2596, and QuTScloud c5.1.5.2651. QNAP has already released fixes for these versions to address this issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

QNAP QTS

Affected Vendors

QNAP Systems

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s4dAAG
https://www.cve.org/CVERecord?id=CVE-2023-45035
https://nvd.nist.gov/vuln/detail/CVE-2023-45035

Back to Vulnerability Database