CVE-2023-23362

🗓️ 22 Sep 2023 03:27:19Reported by qnapType

CVE-2023-23362 OS command injection vulnerability in QNAP O

Reporter	Title	Published	Views	Family All 14
Circl	CVE-2023-23362	22 Sep 202309:02	–	circl
CNNVD	QNAP Systems QTS Operating System Command Injection Vulnerability	22 Sep 202300:00	–	cnnvd
Cvelist	CVE-2023-23362 QTS, QuTS hero, QuTScloud	22 Sep 202303:27	–	cvelist
EUVD	EUVD-2023-27462	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in QNAP QTS and QuTS Hero	18 Sep 202300:00	–	ncsc
NVD	CVE-2023-23362	22 Sep 202304:15	–	nvd
OpenVAS	QNAP QTS Command Injection Vulnerability (QSA-23-18)	18 Sep 202300:00	–	openvas
OpenVAS	QNAP QuTS hero Command Injection Vulnerability (QSA-23-18)	18 Sep 202300:00	–	openvas
OSV	CVE-2023-23362	22 Sep 202304:15	–	osv
Prion	Command injection	22 Sep 202304:15	–	prion

NVD

Node

qnap qtsRange4.5.4–4.5.4.2374

qnap qtsRange5.0.1–5.0.1.2376

qnap quts_heroRangeh4.5.4–h4.5.4.2374

qnap quts_heroRangeh5.0.1–h5.0.1.2376

qnap qutscloudRangec5.0.1–c5.0.1.2374

[
  {
    "defaultStatus": "unaffected",
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "5.0.1.2376 build 20230421",
        "status": "affected",
        "version": "5.0.*",
        "versionType": "custom"
      },
      {
        "lessThan": "4.5.4.2374 build 20230416",
        "status": "affected",
        "version": "4.5.*",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "QuTS hero",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "h5.0.1.2376 build 20230421",
        "status": "affected",
        "version": "h5.0.*",
        "versionType": "custom"
      },
      {
        "lessThan": "h4.5.4.2374 build 20230417",
        "status": "affected",
        "version": "h4.5.*",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "QuTScloud",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "c5.0.1.2374",
        "status": "affected",
        "version": "c5.0.1",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
qnap	www.qnap.com/en/security-advisory/qsa-23-18

21 Nov 2024 07:46Current

8.8High risk

Vulners AI Score8.8

CVSS 3.18.8

EPSS0.00433

SSVC

CWE-78