cbcvebase.
CVE-2022-27600
published 2024-12-19

CVE-2022-27600: An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could…

PriorityP341high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
0.58%
43.6th percentile
An uncontrolled resource consumption vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2277 and later QTS 4.5.4.2280 build 20230112 and later QuTS hero h5.0.1.2277 build 20230112 and later QuTS hero h4.5.4.2374 build 20230417 and later QuTScloud c5.0.1.2374 and later

Affected

14 ranges
VendorProductVersion rangeFixed in
qnapqts
qnapqts
qnapqts>= 4.5.1 < 4.5.4.22804.5.4.2280
qnapqts>= 5.0.0 < 5.0.1.22775.0.1.2277
qnapquts_hero
qnapquts_hero
qnapquts_hero>= h4.5.1 < h4.5.4.2374h4.5.4.2374
qnapquts_hero>= h5.0 < h5.0.1.2277h5.0.1.2277
qnapqutscloud>= c5.0.1 < c5.0.1.2374c5.0.1.2374
qnap_systems_incqts>= 4.5.x < 4.5.4.2280 build 202301124.5.4.2280 build 20230112
qnap_systems_incqts>= 5.0.x < 5.0.1.22775.0.1.2277
qnap_systems_incquts_hero>= h4.5.x < h4.5.4.2374 build 20230417h4.5.4.2374 build 20230417
qnap_systems_incquts_hero>= h5.0.x < h5.0.1.2277 build 20230112h5.0.1.2277 build 20230112
qnap_systems_incqutscloud>= c5.x.x < c5.0.1.2374c5.0.1.2374
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.