Multimedia Console
CVE-2023-23364

8.1HIGH

Key Information:

Vendor: QNAP
Status: Multimedia Console
Vendor: CVE Published:; 22 September 2023

Summary

A buffer copy vulnerability has been discovered in QNAP operating systems, which could potentially allow remote attackers to execute arbitrary code through unspecified methods. Users are advised to update to the patched versions of Multimedia Console to mitigate this risk.

Affected Version(s)

Multimedia Console 2.1.* < 2.1.1 ( 2023/03/29 )

Multimedia Console 1.4.* < 1.4.7 ( 2023/03/20 )

References

https://www.qnap.com/en/security-advisory/qsa-23-29

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 22, 2023
Vulnerability Reserved
Jan 11, 2023

Credit

H4lo