Lucene search
+L

CVE-2023-23367

🗓️ 10 Nov 2023 14:49:46Reported by qnapType 
cve
 cve
🔗 web.nvd.nist.gov👁 81 Views

OS command injection in QNAP OS versions. Authenticated admins can execute network commands

Related
Detection
Affected
Refs
NVD
Node
OR
qnapqtsMatch5.0.0.1716build_20210701
qnapqtsMatch5.0.0.1785build_20210908
qnapqtsMatch5.0.0.1808build_20211001
qnapqtsMatch5.0.0.1828build_20211020
qnapqtsMatch5.0.0.1837build_20211029
qnapqtsMatch5.0.0.1850build_20211111
qnapqtsMatch5.0.0.1853build_20211114
qnapqtsMatch5.0.0.1858build_20211119
qnapqtsMatch5.0.0.1870build_20211201
qnapqtsMatch5.0.1.2034build_20220515
qnapqtsMatch5.0.1.2079build_20220629
qnapqtsMatch5.0.1.2131build_20220820
qnapqtsMatch5.0.1.2137build_20220826
qnapqtsMatch5.0.1.2145build_20220903
qnapqtsMatch5.0.1.2173build_20221001
qnapqtsMatch5.0.1.2194build_20221022
qnapqtsMatch5.0.1.2234build_20221201
qnapqtsMatch5.0.1.2248build_20221215
qnapqtsMatch5.0.1.2277build_20230112
qnapqtsMatch5.0.1.2346build_20230322
Node
OR
qnapquts_heroMatchh5.0.0.1772build_20210826
qnapquts_heroMatchh5.0.0.1844build_20211105
qnapquts_heroMatchh5.0.0.1856build_20211117
qnapquts_heroMatchh5.0.0.1892build_20211222
qnapquts_heroMatchh5.0.0.1900build_20211228
qnapquts_heroMatchh5.0.0.1949build_20220215
qnapquts_heroMatchh5.0.0.1986build_20220324
qnapquts_heroMatchh5.0.0.2022build_20220428
qnapquts_heroMatchh5.0.0.2069build_20220614
qnapquts_heroMatchh5.0.0.2120build_20220804
qnapquts_heroMatchh5.0.1.2045build_20220526
qnapquts_heroMatchh5.0.1.2192build_20221020
qnapquts_heroMatchh5.0.1.2248build_20221215
qnapquts_heroMatchh5.0.1.2269build_20230104
qnapquts_heroMatchh5.0.1.2277build_20230112
qnapquts_heroMatchh5.0.1.2348build_20230324
Node
OR
qnapqutscloudMatchc5.0.0.1919build_20220119
qnapqutscloudMatchc5.0.1.1949build_20220218
qnapqutscloudMatchc5.0.1.1998build_20220408
qnapqutscloudMatchc5.0.1.2044build_20220524
qnapqutscloudMatchc5.0.1.2148build_20220905
qnapqutscloudMatchc5.0.1.2374build_20230419
[
  {
    "defaultStatus": "unaffected",
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "5.0.1.2376 build 20230421",
        "status": "affected",
        "version": "5.0.x",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "QuTS hero",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "h5.0.1.2376 build 20230421",
        "status": "affected",
        "version": "h5.0.x",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "QuTScloud",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "c5.1.0.2498",
        "status": "affected",
        "version": "c5.x.x",
        "versionType": "custom"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 05:36Current
6.1Medium risk
Vulners AI Score6.1
CVSS 3.14.7 - 7.2
EPSS0.01496
SSVC
81