CVE-2023-50359

LOW

QNAP OS - Unspecified Vuln

Title source: llm

Description

An unchecked return value vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local authenticated administrators to place the system in a state that could lead to a crash or other unintended behaviors via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later

References (1)

[Vendor Advisory] https://www.qnap.com/en/security-advisory/qsa-24-07

Scores

CVSS v3 3.4

EPSS 0.0003

EPSS Percentile 6.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L

Classification

CWE

CWE-252

Status published

Affected Products (20)

qnap/qts

qnap/quts_hero

... and 5 more

Timeline

Published Feb 02, 2024

Tracked Since Feb 18, 2026