Buffer Copy Vulnerability Affects QNAP Operating System Versions
Key Information
- Vendor
- QNAP
- Status
- Qts
- Quts Hero
- Vendor
- CVE Published:
- 21 May 2024
Badges
Summary
The vulnerabilities affecting QNAP operating system versions include an incorrect permission assignment for critical resource, a double free vulnerability, and a set of buffer overflow vulnerabilities. These could all be exploited by authenticated users to execute arbitrary code via a network. The CVE-2024-27130 vulnerability, in particular, is caused by the unsafe use of the 'strcpy' function in the No_Support_ACL function, and can be exploited when sharing media with external users by an attacker with a valid 'ssid' parameter. However, exploitation is made difficult by Address Space Layout Randomization (ASLR) in QTS 4.x and 5.x versions. Meanwhile, researchers have discovered 15 vulnerabilities in QNAP’s network attached storage (NAS) devices, and have released a proof-of-concept for one unauthenticated stack overflow vulnerability (CVE-2024-27130) that may be leveraged for remote code execution. NAS users are recommended to update to the latest versions of QTS and QuTS hero as soon as possible to mitigate potential threats.
Affected Version(s)
QTS < 5.1.7.2770 build 20240520
QuTS hero < h5.1.x
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
QNAP Patches New Flaws in QTS and QuTS hero Impacting NAS Appliances
QNAP releases fixes for medium-severity flaws in QTS and QuTS hero NAS appliances.
7 months ago
15 QNAP NAS bugs and one PoC disclosed, update ASAP! (CVE-2024-27130) - Help Net Security
Researchers have found 15 vulnerabilities in QNAP's NAS devices and have released a PoC for one (CVE-2024-27130).
7 months ago
PoC Exploit Released for QNAP QTS zero-day RCE Flaw
Researchers have shown a proof-of-concept (PoC) attack for a zero-day remote code execution (RCE) flaw in the QTS operating system from QNAP.
7 months ago
CVSS V3.1
Timeline
- 👾
Exploit exists.
Vulnerability started trending.
Vulnerability published.
First article discovered by watchTowr Labs - Blog
Vulnerability Reserved.