CVE-2023-34975 QTS, QuTS hero, QuTScloud

🗓️ 13 Oct 2023 19:17:06Reported by qnapType

CVE-2023-34975 OS command injection vulnerability affecting QNAP operating syste

Reporter	Title	Published	Views	Family All 12
CNNVD	QNAP Systems Video Station Operating System Command Injection Vulnerability	13 Oct 202300:00	–	cnnvd
CVE	CVE-2023-34975	13 Oct 202319:17	–	cve
EUVD	EUVD-2023-39014	3 Oct 202520:07	–	euvd
NVD	CVE-2023-34975	13 Oct 202320:15	–	nvd
OpenVAS	QNAP QTS Multiple OS Command Injection Vulnerabilities (QSA-24-12)	11 Mar 202400:00	–	openvas
OpenVAS	QNAP QuTS hero Multiple OS Command Injection Vulnerabilities (QSA-24-12)	12 Mar 202400:00	–	openvas
OpenVAS	QNAP QuTScloud Multiple OS Command Injection Vulnerabilities (QSA-24-12)	11 Mar 202400:00	–	openvas
OpenVAS	QNAP QTS Video Station Multiple Vulnerabilities (QSA-23-52)	9 Jan 202400:00	–	openvas
OSV	CVE-2023-34975	13 Oct 202320:15	–	osv
Prion	Command injection	13 Oct 202320:15	–	prion

[
  {
    "defaultStatus": "unaffected",
    "product": "QuTS hero",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "h4.5.4.2626 build 20231225",
        "status": "affected",
        "version": "h4.5.x",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "4.5.4.2627 build 20231225",
        "status": "affected",
        "version": "4.5.x",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "QuTScloud",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "4.5.4.2627 build 20231225",
        "status": "unaffected",
        "version": "c5.x.x",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
qnap	www.qnap.com/en/security-advisory/qsa-24-12

12 Jan 2026 09:15Current

9.1High risk

Vulners AI Score9.1

CVSS 3.16.6

EPSS0.01058

CWE-78