Vulnerability Details CVE-2021-34346
A stack buffer overflow vulnerability has been reported to affect QNAP device running NVR Storage Expansion. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of NVR Storage Expansion: NVR Storage Expansion 1.0.6 ( 2021/08/03 ) and later
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 77.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2021-34346
-
cpe:2.3:h:qnap:nvr_storage_expansion:-
-
cpe:2.3:o:qnap:nvr_storage_expansion_firmware:*