QNAP QTS: CVE-2024-37047: Multiple Vulnerabilities in QTS and QuTS hero

Multiple vulnerabilities have been reported to affect certain QNAP operating system versions: CVE-2024-37041, CVE-2024-37044, CVE-2024-37047, CVE-2024-37049, CVE-2024-37050: If exploited, the buffer overflow vulnerabilities could allow remote attackers who have gained administrator access to modify memory or crash processes. CVE-2024-37042, CVE-2024-37045, CVE-2024-37048: If exploited, the NULL pointer dereference vulnerabilities could allow remote attackers who have gained administrator access to launch a denial-of-service (DoS) attack. CVE-2024-37043, CVE-2024-37046: If exploited, the path traversal vulnerabilities could allow remote attackers who have gained administrator access to read the contents of unexpected files or system data. CVE-2024-50396, CVE-2024-50397, CVE-2024-50398, CVE-2024-50399, CVE-2024-50400, CVE-2024-50401: If exploited, the use of externally-controlled format string vulnerabilities could allow remote attackers to obtain secret data or modify memory. We have already fixed the vulnerabilities in the following versions: