CVE-2022-27596

🗓️ 30 Jan 2023 01:13:47Reported by qnapType

Vulnerability in QNAP devices allows remote code injectio

Reporter	Title	Published	Views	Family All 15
Circl	CVE-2022-27596	30 Jan 202307:36	–	circl
CNNVD	QNAP Systems QTS 和 QuTS hero SQL注入漏洞	30 Jan 202300:00	–	cnnvd
Cvelist	CVE-2022-27596 Vulnerability in QTS	30 Jan 202301:13	–	cvelist
Hive Pro Threat Advisories	QNAP addresses a vulnerability in NAS devices	1 Feb 202304:09	–	hivepro
NVD	CVE-2022-27596	30 Jan 202302:15	–	nvd
OpenVAS	QNAP QTS Code Injection Vulnerability (QSA-23-01)	31 Jan 202300:00	–	openvas
OpenVAS	QNAP QuTS hero Code Injection Vulnerability (QSA-23-01)	31 Jan 202300:00	–	openvas
OSV	CVE-2022-27596	30 Jan 202302:15	–	osv
Prion	Remote code execution	30 Jan 202302:15	–	prion
Positive Technologies	PT-2023-1262 · Qnap · Qts +1	29 Jan 202300:00	–	ptsecurity

NVD

Node

qnap qtsRange5.0.1–5.0.1.2234

qnap quts_heroRangeh5.0.1–h5.0.1.2248

[
  {
    "defaultStatus": "unaffected",
    "product": "QuTS hero",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "h5.0.1.2248 build 20221215",
        "status": "affected",
        "version": "h5.0.1",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "5.0.1.2234 build 20221201",
        "status": "affected",
        "version": "5.0.1",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
qnap	www.qnap.com/en/security-advisory/qsa-23-01

21 Nov 2024 06:56Current

9.4High risk

Vulners AI Score9.4

CVSS 3.19.8

EPSS0.20952

SSVC

CWE-89