Buffer Copy Issue in QNAP Operating Systems
CVE-2024-37047

Currently unrated

Key Information:

Vendor: QNAP
Status: QNAP Operating System
Vendor: CVE Published:; 22 November 2024

Summary

A buffer copy vulnerability affecting multiple versions of QNAP operating systems may allow attackers with administrative access to execute arbitrary code. This issue arises from a failure to validate the size of input during the copy process, posing a potential risk if exploited. QNAP has resolved this vulnerability in the specified builds, and users are urged to update to maintain system security.

References

https://www.qnap.com/en/security-advisory/qsa-24-43

Timeline

Vulnerability published
Nov 22, 2024