A buffer overflow vulnerability in external device function in QNAP QTS version 4.2.6 build 20171026, 4.3.3.0378 build 20171117, 4.3.4.0387 (Beta 2) build 20171116 and earlier could allow remote attackers to execute arbitrary code on NAS devices.

Related CVEs

CVE-2017-17028

Key Information

GHSA ID

GHSA-29h6-xjp2-cgj2

Published

May 14, 2022 4:00 AM

Last Modified

May 14, 2022 4:00 AM

CVSS Score

9.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 30, 2025 6:26 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.