cbcvebase.
CVE-2023-45044
published 2024-01-05

CVE-2023-45044: A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability…

PriorityP346high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
EPSS
0.64%
46.1th percentile
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later

Affected

17 ranges
VendorProductVersion rangeFixed in
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapqts
qnapquts_hero
qnapquts_hero
qnapquts_hero
qnapquts_hero
qnapquts_hero
qnapquts_hero
qnapquts_hero
qnap_systems_incqts>= 5.1.x < 5.1.4.2596 build 202311285.1.4.2596 build 20231128
qnap_systems_incquts_hero>= h5.1.x < h5.1.4.2596 build 20231128h5.1.4.2596 build 20231128
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.