Search criteria
ⓘ
Use full-text search for keyword queries.
Combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by dates instead of relevance.
2 vulnerabilities found for QTS FTP service by QNAP
CVE-2017-17027 (GCVE-0-2017-17027)
Vulnerability from nvd – Published: 2017-12-21 15:00 – Updated: 2024-09-16 17:08
VLAI?
Summary
A buffer overflow vulnerability in FTP service in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.
Severity ?
No CVSS data available.
CWE
- Buffer Overflow
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| QNAP | QTS FTP service |
Affected:
4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116
|
Date Public ?
2017-12-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:43:59.393Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040018",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040018"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.qnap.com/zh-tw/security-advisory/nas-201712-15"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "QTS FTP service",
"vendor": "QNAP",
"versions": [
{
"status": "affected",
"version": "4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116"
}
]
}
],
"datePublic": "2017-12-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in FTP service in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-22T10:57:01.000Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"name": "1040018",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040018"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.qnap.com/zh-tw/security-advisory/nas-201712-15"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@qnap.com",
"DATE_PUBLIC": "2017-12-15T00:00:00",
"ID": "CVE-2017-17027",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "QTS FTP service",
"version": {
"version_data": [
{
"version_value": "4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116"
}
]
}
}
]
},
"vendor_name": "QNAP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in FTP service in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040018",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040018"
},
{
"name": "https://www.qnap.com/zh-tw/security-advisory/nas-201712-15",
"refsource": "CONFIRM",
"url": "https://www.qnap.com/zh-tw/security-advisory/nas-201712-15"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2017-17027",
"datePublished": "2017-12-21T15:00:00.000Z",
"dateReserved": "2017-11-28T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:08:54.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17027 (GCVE-0-2017-17027)
Vulnerability from cvelistv5 – Published: 2017-12-21 15:00 – Updated: 2024-09-16 17:08
VLAI?
Summary
A buffer overflow vulnerability in FTP service in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.
Severity ?
No CVSS data available.
CWE
- Buffer Overflow
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| QNAP | QTS FTP service |
Affected:
4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116
|
Date Public ?
2017-12-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:43:59.393Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1040018",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040018"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.qnap.com/zh-tw/security-advisory/nas-201712-15"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "QTS FTP service",
"vendor": "QNAP",
"versions": [
{
"status": "affected",
"version": "4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116"
}
]
}
],
"datePublic": "2017-12-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in FTP service in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-22T10:57:01.000Z",
"orgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"shortName": "qnap"
},
"references": [
{
"name": "1040018",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040018"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.qnap.com/zh-tw/security-advisory/nas-201712-15"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@qnap.com",
"DATE_PUBLIC": "2017-12-15T00:00:00",
"ID": "CVE-2017-17027",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "QTS FTP service",
"version": {
"version_data": [
{
"version_value": "4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116"
}
]
}
}
]
},
"vendor_name": "QNAP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow vulnerability in FTP service in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1040018",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040018"
},
{
"name": "https://www.qnap.com/zh-tw/security-advisory/nas-201712-15",
"refsource": "CONFIRM",
"url": "https://www.qnap.com/zh-tw/security-advisory/nas-201712-15"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2fd009eb-170a-4625-932b-17a53af1051f",
"assignerShortName": "qnap",
"cveId": "CVE-2017-17027",
"datePublished": "2017-12-21T15:00:00.000Z",
"dateReserved": "2017-11-28T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:08:54.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}