Home

Description

A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to modify memory or crash processes. We have already fixed the vulnerability in the following versions: QTS 5.2.4.3079 build 20250321 and later QuTS hero h5.2.4.3079 build 20250321 and later

PUBLISHED Reserved 2024-12-31 | Published 2025-06-06 | Updated 2025-06-06 | Assigner qnap




MEDIUM: 5.3CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-120

CWE-122

Product status

Default status
unaffected

5.2.x (custom) before 5.2.4.3079 build 20250321
affected

Default status
unaffected

h5.2.x (custom) before h5.2.4.3079 build 20250321
affected

Credits

Searat and izut finder

References

www.qnap.com/en/security-advisory/qsa-25-12

cve.org (CVE-2024-56805)

nvd.nist.gov (CVE-2024-56805)

Download JSON