CVE-2021-34345: Stack Based Overflow Vulnerability in NVR Storage Expansion
First published: Fri Sep 10 2021(Updated: )
A stack buffer overflow vulnerability has been reported to affect QNAP device running NVR Storage Expansion. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of NVR Storage Expansion: NVR Storage Expansion 1.0.6 ( 2021/08/03 ) and later
Credit: security@qnapsecurity.com.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Qnap Ej1600 Firmware | <1.0.6 | |
| Qnap Ej1600 | ||
| Qnap Tl-r1620sdc Firmware | <1.0.6 | |
| Qnap Tl-r1620sdc | ||
| Qnap Tl-r1620sep-rp Firmware | <1.0.6 | |
| Qnap Tl-r1620sep-rp | ||
| Qnap Tl-r1220sep-rp Firmware | <1.0.6 | |
| Qnap Tl-r1220sep-rp | ||
| Qnap Tl-d1600s Firmware | <1.0.6 | |
| Qnap Tl-d1600s | ||
| Qnap Tl-d800s Firmware | <1.0.6 | |
| Qnap Tl-d800s | ||
| Qnap Tl-d400s Firmware | <1.0.6 | |
| Qnap Tl-d400s | ||
| Qnap Tl-r1200s-rp Firmware | <1.0.6 | |
| Qnap Tl-r1200s-rp | ||
| Qnap Tl-r400s Firmware | <1.0.6 | |
| Qnap Tl-r400s | ||
| Qnap Tl-r1200c-rp Firmware | <1.0.6 | |
| Qnap Tl-r1200c-rp | ||
| Qnap Tl-d800c Firmware | <1.0.6 | |
| Qnap Tl-d800c | ||
| Qnap Tr-004 Firmware | <1.0.6 | |
| Qnap Tr-004 | ||
| Qnap Tr-002 Firmware | <1.0.6 | |
| Qnap Tr-002 | ||
| Qnap Tr-004u Firmware | <1.0.6 | |
| Qnap Tr-004u |
Remedy
We have already fixed this vulnerability in the following versions of NVR Storage Expansion: NVR Storage Expansion 1.0.6 ( 2021/08/03 ) and later
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/references
- agent/title
- agent/author
- agent/last-modified-date
- agent/remedy
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/qnap
- canonical/qnap ej1600 firmware
- canonical/qnap ej1600
- canonical/qnap tl-r1620sdc firmware
- canonical/qnap tl-r1620sdc
- canonical/qnap tl-r1620sep-rp firmware
- canonical/qnap tl-r1620sep-rp
- canonical/qnap tl-r1220sep-rp firmware
- canonical/qnap tl-r1220sep-rp
- canonical/qnap tl-d1600s firmware
- canonical/qnap tl-d1600s
- canonical/qnap tl-d800s firmware
- canonical/qnap tl-d800s
- canonical/qnap tl-d400s firmware
- canonical/qnap tl-d400s
- canonical/qnap tl-r1200s-rp firmware
- canonical/qnap tl-r1200s-rp
- canonical/qnap tl-r400s firmware
- canonical/qnap tl-r400s
- canonical/qnap tl-r1200c-rp firmware
- canonical/qnap tl-r1200c-rp
- canonical/qnap tl-d800c firmware
- canonical/qnap tl-d800c
- canonical/qnap tr-004 firmware
- canonical/qnap tr-004
- canonical/qnap tr-002 firmware
- canonical/qnap tr-002
- canonical/qnap tr-004u firmware
- canonical/qnap tr-004u