CVE-2021-34345

Published: Sep 10, 2021Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

A stack buffer overflow vulnerability has been reported to affect QNAP device running NVR Storage Expansion. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of NVR Storage Expansion: NVR Storage Expansion 1.0.6 ( 2021/08/03 ) and later

Affected (14)

Products: Qnap: Ej1600 Firmware, Tl R1620sdc Firmware, Tl R1620sep Rp Firmware, Tl R1220sep Rp Firmware, Tl D1600s Firmware, Tl D800s Firmware, Tl D400s Firmware, Tl R1200s Rp Firmware, Tl R400s Firmware, Tl R1200c Rp Firmware, Tl D800c Firmware, Tr 004 Firmware, Tr 002 Firmware, Tr 004u Firmware

Qnap

14 products

Ej1600 Firmware

Tl R1620sdc Firmware

Tl R1620sep Rp Firmware

Tl R1220sep Rp Firmware

Tl D1600s Firmware

Tl D800s Firmware

Tl D400s Firmware

Tl R1200s Rp Firmware

Tl R400s Firmware

Tl R1200c Rp Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qnap Ej1600 Firmware	Before 1.0.6

Running on/with	Platform Versions
Qnap Ej1600	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qnap Tl R1620sdc Firmware	Before 1.0.6

Running on/with	Platform Versions
Qnap Tl R1620sdc	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qnap Tl R1620sep Rp Firmware	Before 1.0.6

Running on/with	Platform Versions
Qnap Tl R1620sep Rp	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qnap Tl R1220sep Rp Firmware	Before 1.0.6

Running on/with	Platform Versions
Qnap Tl R1220sep Rp	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qnap Tl D1600s Firmware	Before 1.0.6

Running on/with	Platform Versions
Qnap Tl D1600s	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qnap Tl D800s Firmware	Before 1.0.6

Running on/with	Platform Versions
Qnap Tl D800s	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qnap Tl D400s Firmware	Before 1.0.6

Running on/with	Platform Versions
Qnap Tl D400s	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qnap Tl R1200s Rp Firmware	Before 1.0.6

Running on/with	Platform Versions
Qnap Tl R1200s Rp	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qnap Tl R400s Firmware	Before 1.0.6

Running on/with	Platform Versions
Qnap Tl R400s	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qnap Tl R1200c Rp Firmware	Before 1.0.6

Running on/with	Platform Versions
Qnap Tl R1200c Rp	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qnap Tl D800c Firmware	Before 1.0.6

Running on/with	Platform Versions
Qnap Tl D800c	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qnap Tr 004 Firmware	Before 1.0.6

Running on/with	Platform Versions
Qnap Tr 004	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qnap Tr 002 Firmware	Before 1.0.6

Running on/with	Platform Versions
Qnap Tr 002	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qnap Tr 004u Firmware	Before 1.0.6

Running on/with	Platform Versions
Qnap Tr 004u	All versions

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

https://www.qnap.com/en/security-advisory/qsa-21-36

Source: security@qnapsecurity.com.tw

Vendor Advisory

https://www.qnap.com/en/security-advisory/qsa-21-36

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.