ГлавнаяУязвимости → CVE-2024-27130
7.2высокая

CVE-2024-27130

→ есть в БДУ: BDU:2024-03943 (на русском)
Описание (на английском; русское — в БДУ выше)

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network. We have already fixed the vulnerability in the following version: QTS 5.1.7.2770 build 20240520 and later QuTS hero h5.1.7.2770 build 20240520 and later

Затрагиваемое ПО
Qnap QtsQnap Quts hero
CVSS
Балл7.2 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
Источники
https://www.qnap.com/en/security-advisory/qsa-24-23https://www.qnap.com/en/security-advisory/qsa-24-23