Published: 10/09/2021 Updated: 10/02/2022

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

A stack buffer overflow vulnerability has been reported to affect QNAP device running NVR Storage Expansion. If exploited, this vulnerability allows malicious users to execute arbitrary code. We have already fixed this vulnerability in the following versions of NVR Storage Expansion: NVR Storage Expansion 1.0.6 ( 2021/08/03 ) and later

Vulnerable Product	Search on Vulmon	Subscribe to Product
qnap ej1600_firmware
qnap tl-r1620sdc_firmware
qnap tl-r1620sep-rp_firmware
qnap tl-r1220sep-rp_firmware
qnap tl-d1600s_firmware
qnap tl-d800s_firmware
qnap tl-d400s_firmware
qnap tl-r1200s-rp_firmware
qnap tl-r400s_firmware
qnap tl-r1200c-rp_firmware
qnap tl-d800c_firmware
qnap tr-004_firmware
qnap tr-002_firmware
qnap tr-004u_firmware

CWE-787 https://www.qnap.com/en/security-advisory/qsa-21-36 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-34345

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect