VYPR
Unrated severityNVD Advisory· Published Dec 8, 2023· Updated May 27, 2025

QTS, QuTS hero

CVE-2023-32975

Description

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.

We have already fixed the vulnerability in the following versions: QTS 5.0.1.2514 build 20230906 and later QTS 5.1.2.2533 build 20230926 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.2.2534 build 20230927 and later

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Qnap/Qtsllm-fuzzy
    Range: >=5.0.1.2514 build 20230906, >=5.1.2.2533 build 20230926
  • Qnap/Quts Herollm-fuzzy
    Range: >=h5.0.1.2515 build 20230907, >=h5.1.2.2534 build 20230927
  • QNAP Systems Inc./QTSv5
    Range: 5.0.x
  • QNAP Systems Inc./QuTS herov5
    Range: h5.0.x

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.