How severe is CVE-2021-34343?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.2 out of 10.

What type of vulnerability is CVE-2021-34343?

This is classified as CWE-787, which is a common weakness in software security.

CVE-2021-34343 - HIGH Severity | CVSS 7.2

Vulnerability Description

A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QTS, QuTScloud, QuTS hero: QTS 4.5.4.1715 build 20210630 and later QTS 5.0.0.1716 build 20210701 and later QuTScloud c4.5.6.1755 and later QuTS hero h4.5.4.1771 build 20210825 and later

Related Vulnerabilities

CVE-2018-16119

HIGH

CVSS:7.2(High)

Stack-based buffer overflow in the httpd server of TP-Link WR1043nd (Firmware Version 3) allows remote attackers to execute arbitrary code via a malicious MediaServer request to /userRpm/MediaServerFo...

CWE-7872018

CVE-2018-17022

HIGH

CVSS:7.2(High)

Stack-based buffer overflow on the ASUS GT-AC5300 router through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact by sett...

CWE-7872018

CVE-2018-3950

HIGH

CVSS:7.2(High)

An exploitable remote code execution vulnerability exists in the ping and tracert functionality of the TP-Link TL-R600VPN HWv3 FRNv1.3.0 and HWv2 FRNv1.2.3 http server. A specially crafted IP address ...

CWE-7872018

CVE-2019-11848

HIGH

CVSS:7.2(High)

An API abuse vulnerability exists in the AT command API of ALEOS before 4.13.0, 4.9.5, 4.4.9 due to lack of length checking when handling certain user-provided values.

CWE-7872019

CVE-2019-15661

HIGH

CVSS:7.2(High)

An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120004 in KfeCo10X64.sys fails to validate parameters, leading to a stack-based buffer overflow, which can lead to code ...

CWE-7872019

CVE-2019-15665

HIGH

CVSS:7.2(High)

An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120004 in KfeCo10X64.sys fails to validate an offset passed as a parameter during a memory operation, leading to an arbi...

CWE-7872019