CVE-2023-23364 Information

Description

A buffer copy without checking size of input vulnerability has been reported to affect QNAP operating systems. If exploited the vulnerability possibly allows remote users to execute code via unspecified vectors.

We have already fixed the vulnerability in the following versions: Multimedia Console 2.1.1 ( 2023/03/29 ) and later Multimedia Console 1.4.7 ( 2023/03/20 ) and later

Reference

https://www.qnap.com/en/security-advisory/qsa-23-29