Vulnerability Details CVE-2017-17031
A buffer overflow vulnerability in password function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.034
EPSS Ranking 86.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2017-17031
-
cpe:2.3:o:qnap:qts:-
-
cpe:2.3:o:qnap:qts:4.0
-
cpe:2.3:o:qnap:qts:4.0.3
-
cpe:2.3:o:qnap:qts:4.1.0
-
cpe:2.3:o:qnap:qts:4.1.1
-
cpe:2.3:o:qnap:qts:4.1.4
-
cpe:2.3:o:qnap:qts:4.2.0
-
cpe:2.3:o:qnap:qts:4.2.1
-
cpe:2.3:o:qnap:qts:4.2.2
-
cpe:2.3:o:qnap:qts:4.2.3
-
cpe:2.3:o:qnap:qts:4.2.4
-
cpe:2.3:o:qnap:qts:4.2.6
-
cpe:2.3:o:qnap:qts:4.3.1.0013
-
cpe:2.3:o:qnap:qts:4.3.1.0023
-
cpe:2.3:o:qnap:qts:4.3.2.0050
-
cpe:2.3:o:qnap:qts:4.3.2.0060
-
cpe:2.3:o:qnap:qts:4.3.2.0144
-
cpe:2.3:o:qnap:qts:4.3.3
-
cpe:2.3:o:qnap:qts:4.3.3.0095
-
cpe:2.3:o:qnap:qts:4.3.3.0096
-
cpe:2.3:o:qnap:qts:4.3.3.0136
-
cpe:2.3:o:qnap:qts:4.3.3.0154
-
cpe:2.3:o:qnap:qts:4.3.3.0174
-
cpe:2.3:o:qnap:qts:4.3.3.0188
-
cpe:2.3:o:qnap:qts:4.3.3.0210
-
cpe:2.3:o:qnap:qts:4.3.3.0229
-
cpe:2.3:o:qnap:qts:4.3.3.0238
-
cpe:2.3:o:qnap:qts:4.3.3.0262
-
cpe:2.3:o:qnap:qts:4.3.3.0299
-
cpe:2.3:o:qnap:qts:4.3.3.0351
-
cpe:2.3:o:qnap:qts:4.3.3.0353
-
cpe:2.3:o:qnap:qts:4.3.3.0361
-
cpe:2.3:o:qnap:qts:4.3.3.0369
-
cpe:2.3:o:qnap:qts:4.3.3.0378
-
cpe:2.3:o:qnap:qts:4.3.4.0358
-
cpe:2.3:o:qnap:qts:4.3.4.0370
-
cpe:2.3:o:qnap:qts:4.3.4.0372
-
cpe:2.3:o:qnap:qts:4.3.4.0374
-
cpe:2.3:o:qnap:qts:4.3.4.0387