Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-39300

An OS command injection vulnerability has been reported to affect legacy QTS. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 4.3.6.2805 build 20240619 and later QTS 4.3.4.2814 build 20240618 and later QTS 4.3.3.2784 build 20240619 and later QTS 4.2.6 build 20240618 and later

Published

2024-09-06T17:15:12.070

Last Modified

2024-09-24T16:42:02.873

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.2 (HIGH)

Weaknesses

Type: Primary
CWE-78

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	qnap	qts	4.3.6.0895	Yes
Operating System	qnap	qts	4.3.6.0907	Yes
Operating System	qnap	qts	4.3.6.0923	Yes
Operating System	qnap	qts	4.3.6.0944	Yes
Operating System	qnap	qts	4.3.6.0959	Yes
Operating System	qnap	qts	4.3.6.0979	Yes
Operating System	qnap	qts	4.3.6.0993	Yes
Operating System	qnap	qts	4.3.6.1013	Yes
Operating System	qnap	qts	4.3.6.1033	Yes
Operating System	qnap	qts	4.3.6.1070	Yes
Operating System	qnap	qts	4.3.6.1154	Yes
Operating System	qnap	qts	4.3.6.1218	Yes
Operating System	qnap	qts	4.3.6.1263	Yes
Operating System	qnap	qts	4.3.6.1286	Yes
Operating System	qnap	qts	4.3.6.1333	Yes
Operating System	qnap	qts	4.3.6.1411	Yes
Operating System	qnap	qts	4.3.6.1446	Yes
Operating System	qnap	qts	4.3.6.1620	Yes
Operating System	qnap	qts	4.3.6.1663	Yes
Operating System	qnap	qts	4.3.6.1711	Yes
Operating System	qnap	qts	4.3.6.1750	Yes
Operating System	qnap	qts	4.3.6.1831	Yes
Operating System	qnap	qts	4.3.6.1907	Yes
Operating System	qnap	qts	4.3.6.1965	Yes
Operating System	qnap	qts	4.3.6.2050	Yes
Operating System	qnap	qts	4.3.6.2232	Yes
Operating System	qnap	qts	4.3.6.2441	Yes
Operating System	qnap	qts	4.3.6.2665	Yes
Operating System	qnap	qts	4.3.4.0899	Yes
Operating System	qnap	qts	4.3.4.1029	Yes
Operating System	qnap	qts	4.3.4.1082	Yes
Operating System	qnap	qts	4.3.4.1190	Yes
Operating System	qnap	qts	4.3.4.1282	Yes
Operating System	qnap	qts	4.3.4.1368	Yes
Operating System	qnap	qts	4.3.4.1417	Yes
Operating System	qnap	qts	4.3.4.1463	Yes
Operating System	qnap	qts	4.3.4.1632	Yes
Operating System	qnap	qts	4.3.4.1652	Yes
Operating System	qnap	qts	4.3.4.1976	Yes
Operating System	qnap	qts	4.3.4.2107	Yes
Operating System	qnap	qts	4.3.4.2242	Yes
Operating System	qnap	qts	4.3.4.2451	Yes
Operating System	qnap	qts	4.3.4.2675	Yes
Operating System	qnap	qts	4.3.3.0174	Yes
Operating System	qnap	qts	4.3.3.0868	Yes
Operating System	qnap	qts	4.3.3.0998	Yes
Operating System	qnap	qts	4.3.3.1051	Yes
Operating System	qnap	qts	4.3.3.1098	Yes
Operating System	qnap	qts	4.3.3.1161	Yes
Operating System	qnap	qts	4.3.3.1252	Yes
Operating System	qnap	qts	4.3.3.1315	Yes
Operating System	qnap	qts	4.3.3.1386	Yes
Operating System	qnap	qts	4.3.3.1432	Yes
Operating System	qnap	qts	4.3.3.1624	Yes
Operating System	qnap	qts	4.3.3.1677	Yes
Operating System	qnap	qts	4.3.3.1693	Yes
Operating System	qnap	qts	4.3.3.1799	Yes
Operating System	qnap	qts	4.3.3.1864	Yes
Operating System	qnap	qts	4.3.3.1945	Yes
Operating System	qnap	qts	4.3.3.2057	Yes
Operating System	qnap	qts	4.3.3.2211	Yes
Operating System	qnap	qts	4.3.3.2420	Yes
Operating System	qnap	qts	4.3.3.2644	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes
Operating System	qnap	qts	4.2.6	Yes

References

https://www.qnap.com/en/security-advisory/qsa-24-26 Vendor Advisory ([email protected])