A stack buffer overflow vulnerability has been reported to affect QNAP NAS running Multimedia Console. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of Multimedia Console: Multimedia Console 1.4.3 ( 2021/10/05 ) and later Multimedia Console 1.5.3 ( 2021/10/05 ) and later
References
Link | Resource |
---|---|
https://www.qnap.com/en/security-advisory/qsa-21-45 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
16 Nov 2021, 16:00
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CPE | cpe:2.3:a:qnap:multimedia_console:1.5.2:*:*:*:*:*:*:* cpe:2.3:a:qnap:multimedia_console:*:*:*:*:*:*:*:* |
|
Summary | A stack buffer overflow vulnerability has been reported to affect QNAP NAS running Multimedia Console. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of Multimedia Console: Multimedia Console 1.4.3 ( 2021/10/05 ) and later Multimedia Console 1.5.3 ( 2021/10/05 ) and later | |
CWE | CWE-787 | |
References | (MISC) https://www.qnap.com/en/security-advisory/qsa-21-45 - Vendor Advisory |
13 Nov 2021, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-11-13 01:15
Updated : 2024-02-04 22:08
NVD link : CVE-2021-38684
Mitre link : CVE-2021-38684
CVE.ORG link : CVE-2021-38684
JSON object : View
Products Affected
qnap
- multimedia_console
CWE
CWE-787
Out-of-bounds Write