{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-27T08:01:46.882","vulnerabilities":[{"cve":{"id":"CVE-2023-41292","sourceIdentifier":"security@qnapsecurity.com.tw","published":"2024-02-02T16:15:49.713","lastModified":"2024-11-21T08:21:00.197","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.4.2596 build 20231128 and later\nQuTS hero h5.1.4.2596 build 20231128 and later\nQuTScloud c5.1.5.2651 and later\n"},{"lang":"es","value":"Se ha informado que una copia del búfer sin verificar el tamaño de la vulnerabilidad de entrada afecta a varias versiones del sistema operativo QNAP. Si se explota, la vulnerabilidad podría permitir a los administradores autenticados ejecutar código a través de una red. Ya hemos solucionado la vulnerabilidad en las siguientes versiones: QTS 5.1.4.2596 build 20231128 y posteriores QuTS hero h5.1.4.2596 build 20231128 y posteriores QuTScloud c5.1.5.2651 y posteriores"}],"metrics":{"cvssMetricV31":[{"source":"security@qnapsecurity.com.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L","baseScore":3.8,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.2,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"weaknesses":[{"source":"security@qnapsecurity.com.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:qts:5.1.0.2348:build_20230325:*:*:*:*:*:*","matchCriteriaId":"39382CBA-EA68-426A-AC07-A9A26E722CAB"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:qts:5.1.0.2399:build_20230515:*:*:*:*:*:*","matchCriteriaId":"BCB37C08-1DF7-4AF4-9BB1-C562E5643B5A"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:qts:5.1.0.2418:build_20230603:*:*:*:*:*:*","matchCriteriaId":"8368130C-F26D-41FE-8D78-B103A23B5327"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:qts:5.1.0.2444:build_20230629:*:*:*:*:*:*","matchCriteriaId":"3E0EE181-78AF-4C3C-90A4-C69A2DE6E176"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:qts:5.1.0.2466:build_20230721:*:*:*:*:*:*","matchCriteriaId":"56E3AE06-78DA-4844-ADC1-09A35F1C5B54"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:qts:5.1.1.2491:build_20230815:*:*:*:*:*:*","matchCriteriaId":"D2AA7A32-0DA8-4417-A23E-C4F563BC7819"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:qts:5.1.2.2533:build_20230926:*:*:*:*:*:*","matchCriteriaId":"80E7C17C-ED6D-439D-A1F3-1870A3ADA926"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:qts:5.1.3.2578:build_20231110:*:*:*:*:*:*","matchCriteriaId":"636C2D9C-C837-4FAC-B79D-1CA7A7C1FF3E"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:qts:5.1.4.2596:-:*:*:*:*:*:*","matchCriteriaId":"632DA602-2920-4418-B6E3-1AA9EA671FD4"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:quts_hero:h5.1.0.2409:build_20230525:*:*:*:*:*:*","matchCriteriaId":"6CA398A8-EBDF-4D41-B15E-7B763F885021"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:quts_hero:h5.1.0.2424:build_20230609:*:*:*:*:*:*","matchCriteriaId":"F63A5ED2-ECC2-49A0-BFA9-548E35ACD6C7"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:quts_hero:h5.1.0.2453:build_20230708:*:*:*:*:*:*","matchCriteriaId":"53387FAC-7BE0-47D7-99BF-2B1F03C17CC3"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:quts_hero:h5.1.0.2466:build_20230721:*:*:*:*:*:*","matchCriteriaId":"D4226394-0023-4CD2-BB89-77251BF92FF3"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:quts_hero:h5.1.1.2488:build_20230812:*:*:*:*:*:*","matchCriteriaId":"646257F7-D4A4-43B0-91F2-7850338B3CA1"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:quts_hero:h5.1.2.2534:build_20230927:*:*:*:*:*:*","matchCriteriaId":"88825AE1-B006-4F7F-BD90-D4B1CF1251A3"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:quts_hero:h5.1.3.2578:build_20231110:*:*:*:*:*:*","matchCriteriaId":"3F471666-4919-4770-956E-ACE4C55D29DB"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:quts_hero:h5.1.4.2596:-:*:*:*:*:*:*","matchCriteriaId":"4A2A0A37-D0A4-4801-BED4-D367188EFF00"},{"vulnerable":true,"criteria":"cpe:2.3:o:qnap:qutscloud:c5.1.0.2498:build_20230822:*:*:*:*:*:*","matchCriteriaId":"C50B05E2-8F25-4CA7-84FE-F5C510C83FE1"}]}]}],"references":[{"url":"https://www.qnap.com/en/security-advisory/qsa-23-46","source":"security@qnapsecurity.com.tw","tags":["Vendor Advisory"]},{"url":"https://www.qnap.com/en/security-advisory/qsa-23-46","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}