A buffer overflow vulnerability in login function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.
References
Link | Resource |
---|---|
https://www.qnap.com/zh-tw/security-advisory/nas-201712-15 | Issue Tracking Vendor Advisory |
http://www.securitytracker.com/id/1040018 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Information
Published : 2017-12-21 07:29
Updated : 2018-01-04 10:44
NVD link : CVE-2017-17030
Mitre link : CVE-2017-17030
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
qnap
- qts