CVE-2024-27130
HIGHCVSS v3
8.8
HIGH
EPSS Score
81.0%
exploit probability
CISA KEV
No
known exploited
Exploitation
—
SSVC status
Description
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network. We have already fixed the vulnerability in the following version: QTS 5.1.7.2770 build 20240520 and later QuTS hero h5.1.7.2770 build 20240520 and later
Technical Details
- Published
- 5/21/2024
Frequently Asked Questions
What is CVE-2024-27130?
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network. We have already fixed the vulnerability in the following version: QTS 5.1.7.2770 build 20240520 and later QuTS hero h5.1.7.2770 build 20240520 and later
Is CVE-2024-27130 actively exploited?
Active exploitation of CVE-2024-27130 has not been confirmed. The EPSS score is 81.0%, indicating the estimated probability of exploitation in the next 30 days.
What is the CVSS score for CVE-2024-27130?
CVE-2024-27130 has a CVSS v3 base score of 8.8 (HIGH severity).
Is CVE-2024-27130 affecting your environment?
Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.