Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-23367

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2376 build 20230421 and later QuTS hero h5.0.1.2376 build 20230421 and later QuTScloud c5.1.0.2498 and later

Published

2023-11-10T15:15:08.190

Last Modified

2024-11-21T07:46:02.490

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.7 (MEDIUM)

Weaknesses

Type: Primary
CWE-78

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	qnap	qts	5.0.0.1716	Yes
Operating System	qnap	qts	5.0.0.1785	Yes
Operating System	qnap	qts	5.0.0.1808	Yes
Operating System	qnap	qts	5.0.0.1828	Yes
Operating System	qnap	qts	5.0.0.1837	Yes
Operating System	qnap	qts	5.0.0.1850	Yes
Operating System	qnap	qts	5.0.0.1853	Yes
Operating System	qnap	qts	5.0.0.1858	Yes
Operating System	qnap	qts	5.0.0.1870	Yes
Operating System	qnap	qts	5.0.1.2034	Yes
Operating System	qnap	qts	5.0.1.2079	Yes
Operating System	qnap	qts	5.0.1.2131	Yes
Operating System	qnap	qts	5.0.1.2137	Yes
Operating System	qnap	qts	5.0.1.2145	Yes
Operating System	qnap	qts	5.0.1.2173	Yes
Operating System	qnap	qts	5.0.1.2194	Yes
Operating System	qnap	qts	5.0.1.2234	Yes
Operating System	qnap	qts	5.0.1.2248	Yes
Operating System	qnap	qts	5.0.1.2277	Yes
Operating System	qnap	qts	5.0.1.2346	Yes
Operating System	qnap	quts_hero	h5.0.0.1772	Yes
Operating System	qnap	quts_hero	h5.0.0.1844	Yes
Operating System	qnap	quts_hero	h5.0.0.1856	Yes
Operating System	qnap	quts_hero	h5.0.0.1892	Yes
Operating System	qnap	quts_hero	h5.0.0.1900	Yes
Operating System	qnap	quts_hero	h5.0.0.1949	Yes
Operating System	qnap	quts_hero	h5.0.0.1986	Yes
Operating System	qnap	quts_hero	h5.0.0.2022	Yes
Operating System	qnap	quts_hero	h5.0.0.2069	Yes
Operating System	qnap	quts_hero	h5.0.0.2120	Yes
Operating System	qnap	quts_hero	h5.0.1.2045	Yes
Operating System	qnap	quts_hero	h5.0.1.2192	Yes
Operating System	qnap	quts_hero	h5.0.1.2248	Yes
Operating System	qnap	quts_hero	h5.0.1.2269	Yes
Operating System	qnap	quts_hero	h5.0.1.2277	Yes
Operating System	qnap	quts_hero	h5.0.1.2348	Yes
Operating System	qnap	qutscloud	c5.0.0.1919	Yes
Operating System	qnap	qutscloud	c5.0.1.1949	Yes
Operating System	qnap	qutscloud	c5.0.1.1998	Yes
Operating System	qnap	qutscloud	c5.0.1.2044	Yes
Operating System	qnap	qutscloud	c5.0.1.2148	Yes
Operating System	qnap	qutscloud	c5.0.1.2374	Yes

References

https://www.qnap.com/en/security-advisory/qsa-23-24 Vendor Advisory ([email protected])
https://www.qnap.com/en/security-advisory/qsa-23-24 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)