VYPR
← All advisories
Unrated severityNVD Advisory· Published Feb 2, 2024· Updated Jun 17, 2025

QTS, QuTS hero, QuTScloud

CVE-2023-45035

Description

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.

We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTScloud c5.1.5.2651 and later

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A buffer copy vulnerability in QNAP QTS, QuTS hero, and QuTScloud allows authenticated administrators to execute code via network.

Vulnerability

A buffer copy without checking size of input vulnerability exists in QNAP QTS 5.1.x, QuTS hero h5.1.x, and QuTScloud 5.x. Affected versions are those prior to QTS 5.1.4.2596 build 20231128, QuTS hero h5.1.4.2596 build 20231128, and QuTScloud c5.1.5.2651. The vulnerability can be triggered by authenticated administrators via network requests, leading to a buffer overflow condition [1].

Exploitation

An attacker must be an authenticated administrator on the QNAP device. No additional user interaction is required beyond authentication. The attack vector is network-based; the exact sequence of steps is not publicly detailed, but the buffer copy operation without proper size validation can be exploited by sending crafted network requests [1].

Impact

Successful exploitation allows the attacker to execute arbitrary code on the device with administrative privileges. This results in full compromise of the confidentiality, integrity, and availability of the NAS system [1].

Mitigation

QNAP has fixed the vulnerability in QTS 5.1.4.2596 build 20231128 and later, QuTS hero h5.1.4.2596 build 20231128 and later, and QuTScloud c5.1.5.2651 and later. Users should update their systems via Control Panel > Firmware Update or by downloading the update from the QNAP website. No workarounds are provided, and the vulnerability is not listed on the CISA Known Exploited Vulnerabilities catalog as of the advisory release date [1].

References
  1. Multiple Vulnerabilities in QTS, QuTS hero and QuTScloud - Security Advisory

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

6
  • Qnap/Qtsllm-fuzzy
    Range: < 5.1.4.2596
  • Qnap/QuTS herollm-fuzzy
    Range: < h5.1.4.2596
  • Qnap/QuTScloudllm-fuzzy
    Range: < c5.1.5.2651
  • QNAP Systems Inc./QTSv5
    Range: 5.1.x
  • QNAP Systems Inc./QuTScloudv5
    Range: c5.x.x
  • QNAP Systems Inc./QuTS herov5
    Range: h5.1.x

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.