Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2017-17033

A buffer overflow vulnerability in password function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.

  • Published: Dec 21, 2017
  • Updated: Apr 13, 2023
  • CVE: CVE-2017-17033
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
qnap / qts 4.3.4.0387-beta2 4.3.4.0387-beta2.x
qnap / qts - 4.3.3.0378.x
qnap / qts 4.3.4.0370-beta1 4.3.4.0370-beta1.x
qnap / qts 4.3.4.0372-beta1 4.3.4.0372-beta1.x
qnap / qts 4.3.4.0374-beta1 4.3.4.0374-beta1.x
qnap / qts 4.3.4.0358-beta1 4.3.4.0358-beta1.x