CVE-2023-45036

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Feb 2, 2024

Updated: Feb 6, 2024

CWE ID 120

Summary

CVE-2023-45036 is a buffer copy vulnerability that affects several versions of QNAP's operating system. This issue arises from failing to check the size of input, potentially allowing authenticated administrators to execute code via a network. The vulnerability has been addressed in QTS 5.1.3.2578 build 20231110 and later, QuTS hero h5.1.3.2578 build 20231110 and later, and QuTScloud c5.1.5.2651 and later.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

QNAP QTS

Affected Vendors

QNAP Systems

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s4dGwR
https://www.cve.org/CVERecord?id=CVE-2023-45036
https://nvd.nist.gov/vuln/detail/CVE-2023-45036

Back to Vulnerability Database