Search

安全ID : QSA-21-36

Stack-Based Buffer Overflow Vulnerabilities in NVR Storage Expansion

  • 发布日期 : September 10, 2021

  • 通用漏洞披露 : CVE-2021-34345 | CVE-2021-34346

  • 受影响产品: QNAP NAS running NVR Storage Expansion

严重程度

严重

状态

已解决

Summary

Two stack-based buffer overflow vulnerabilities have been reported to affect QNAP NAS running NVR Storage Expansion. If exploited, these vulnerabilities allow attackers to execute arbitrary code.

We have already fixed the vulnerabilities in the following versions:

  • NVR Storage Expansion 1.0.6 (2021/08/03) and later

Recommendation

To fix the vulnerabilities, we recommend updating NVR Storage Expansion to the latest version.

Updating NVR Storage Expansion

  1. Log on to QTS as administrator.
  2. Open the App Center and then click .
    A search box appears.
  3. Type “NVR Storage Expansion” and then press ENTER.
    NVR Storage Expansion appears in the search results.
  4. Click Update.
    A confirmation message appears.
    Note: The Update button is not available if your NVR Storage Expansion is already up to date.
  5. Click OK.
    The application is updated.

致谢: crixer

修订历史: V1.0 (September 10, 2021) - Published

选择规格

      显示更多 隐藏更多
      open menu
      back to top