Buffer Overflow Vulnerability in Multimedia Console
CVE-2021-38684

8.1HIGH

Key Information:

Vendor: QNAP
Status: Multimedia Console
Vendor: CVE Published:; 13 November 2021

What is CVE-2021-38684?

A stack buffer overflow vulnerability has been reported to affect QNAP NAS running Multimedia Console. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of Multimedia Console: Multimedia Console 1.4.3 ( 2021/10/05 ) and later Multimedia Console 1.5.3 ( 2021/10/05 ) and later

Affected Version(s)

Multimedia Console < 1.4.3 ( 2021/10/05 )

Multimedia Console < 1.5.3 ( 2021/10/05 )

References

https://www.qnap.com/en/security-advisory/qsa-21-45

x_refsource_MISC

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 13, 2021
Vulnerability Reserved
Aug 13, 2021

Credit

crixer