Search

Security ID : QSA-21-34

Stack Buffer Overflow Vulnerability in QUSBCam2

  • Release date : September 10, 2021

  • CVE identifier : CVE-2021-34344

  • Affected products: Certain QNAP NAS

Severity

Critical

Status

Resolved

Summary

A stack buffer overflow vulnerability has been reported to affect QNAP NAS running QUSBCam2. If exploited, this vulnerability allows attackers to execute arbitrary code.

We have already fixed this vulnerability in the following versions of QUSBCam2:

  • QTS 4.5.4: QUSBCam2 1.1.4 (2021/07/30) and later
  • QTS 4.3.6: QUSBCam2 1.1.4 ( 2021/07/30 ) and later
  • QuTS hero h4.5.3: QUSBCam2 1.1.4 (2021/07/30) and later

Recommendation

To fix the vulnerability, we recommend updating QUSBCam2 to the latest version.

Updating QUSBCam2

  1. Log on to QTS or QuTS hero as administrator.
  2. Open the App Center and then click .
    A search box appears.
  3. Type “QUSBCam2” and then press ENTER.
    QUSBCam2 appears in the search results.
  4. Click Update.
    A confirmation message appears.
    Note: The Update button is not available if your QUSBCam2 is already up to date.
  5. Click OK.
    The application is updated.

Acknowledgements: crixer

Revision History: V1.0 (September 10, 2021) - Published

Choose specification

      Show more Less

      Choose Your Country or Region

      open menu
      back to top