← volver
CVE-2023-23364

Multimedia Console

CVSS 8.1 HIGHEPSS 0.8%CWE-120
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 8.1EPSS 0.8%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
22 sep 2023Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A buffer copy without checking size of input vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote users to execute code via unspecified vectors. We have already fixed the vulnerability in the following versions: Multimedia Console 2.1.1 ( 2023/03/29 ) and later Multimedia Console 1.4.7 ( 2023/03/20 ) and later
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Productos afectados
QNAP Systems Inc. · Multimedia Console

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.qnap.com/en/security-advisory/qsa-23-29