VDB

GCVE-VVD-NCSC-2024-361

GCVE-VVD-NCSC-2024-361
Advisory PublishedCVSS 8.8/10
Vulnetix · Advisory published September 10, 2024
QNAP heeft kwetsbaarheden verholpen in QTS en QTS Hero.
Download JSON Open in Console

Weaknesses (CWE)

CWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')CWE-862Missing AuthorizationCWE-120Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')CWE-307Improper Restriction of Excessive Authentication AttemptsCWE-77Improper Neutralization of Special Elements used in a Command ('Command Injection')

Risk Scores

CVSS 3.1
8.8/10
High · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersionsPlatforms
qnap_systems_inc.qts
qnap_systems_inc.quts_hero
qnapquts_hero
qnapqts

Aliases

CVE-2023-34974CVE-2024-21906CVE-2023-34979CVE-2024-32771CVE-2024-32763CVE-2024-38641CVE-2023-39298

Transitive aliases

GHSA-gxm8-54cq-9h89VVD-CISA-2023-34979EUVD-2023-39018EUVD-2024-37502EUVD-2023-43030GHSA-p6pf-4j65-mvw8GHSA-gf8j-xg2w-58pxVVD-CISA-2023-39298VVD-CISA-2024-32771EUVD-2024-30557BDU:2024-06756VVD-CISA-2024-21906GHSA-5mrr-fx45-wmm7VVD-CISA-2024-32763EUVD-2024-30549EUVD-2024-19517GHSA-2853-84mf-g278VVD-CISA-2023-34974EUVD-2023-39013GHSA-v52j-76fx-xfcfGHSA-crwj-f9hc-c6g4VVD-CISA-2024-38641

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›