Today > 5 Critical | 6 High | 28 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-37045

Nov. 22, 2024, 4:15 p.m.

Tags

CWE-476
security@qnapsecurity.com.tw
2024-11-22
CVE-2024-37045

Product(s) Impacted

QNAP QTS

  • 5.2.1.2930
  • after 5.2.1.2930

QNAP QuTS hero

  • h5.2.1.2929
  • after h5.2.1.2929

Description

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to launch a denial-of-service (DoS) attack. We have already fixed the vulnerability in the following versions: QTS 5.2.1.2930 build 20241025 and later QuTS hero h5.2.1.2929 build 20241025 and later

Weaknesses

CWE-476
NULL Pointer Dereference

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

CWE ID: 476

Date

Published: Nov. 22, 2024, 4:15 p.m.

Last Modified: Nov. 22, 2024, 4:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

security@qnapsecurity.com.tw

References

https://www.qnap.com/ security@qnapsecurity.com.tw