EUVD-2023-45798

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

OS command injection vulnerability affects QNAP systems, fixed in recent versions for security.

Reporter	Title	Published	Views	Family All 15
Circl	CVE-2023-41282	2 Feb 202417:27	–	circl
CNNVD	QNAP Multiple Products Operating System Command Injection Vulnerability	2 Feb 202400:00	–	cnnvd
CVE	CVE-2023-41282	2 Feb 202416:04	–	cve
Cvelist	CVE-2023-41282 QTS, QuTS hero, QuTScloud	2 Feb 202416:04	–	cvelist
NCSC	Vulnerabilities fixed in QNAP QTS and QTS Hero	5 Feb 202400:00	–	ncsc
NVD	CVE-2023-41282	2 Feb 202416:15	–	nvd
OpenVAS	QNAP QTS Multiple Vulnerabilities (QSA-23-46, QSA-23-53)	5 Feb 202400:00	–	openvas
OpenVAS	QNAP QuTS hero Multiple Vulnerabilities (QSA-23-46, QSA-23-53)	5 Feb 202400:00	–	openvas
OpenVAS	QNAP QuTScloud c5.x < c5.1.5.2651 Multiple Vulnerabilities	5 Feb 202400:00	–	openvas
Prion	Command injection	2 Feb 202416:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "dd678189-6b0e-3b98-ab78-8cbcac0703ac",
        "vendor": {
          "name": "QNAP Systems Inc."
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "6d4104c8-1971-35ee-9c63-49f8578cf6e1",
        "product": {
          "name": "QTS"
        },
        "product_version": "5.1.x <5.1.4.2596 build 20231128"
      },
      {
        "id": "832e977a-b31d-35f6-81a3-ede9f33232c6",
        "product": {
          "name": "QuTS hero"
        },
        "product_version": "h5.1.x <h5.1.4.2596 build 20231128"
      },
      {
        "id": "bdc40f22-cfde-3a4b-b6e4-888afd52d61b",
        "product": {
          "name": "QuTScloud"
        },
        "product_version": "c5.x.x <c5.1.5.2651"
      }
    ]
  }
]

Source	Link
qnap	www.qnap.com/en/security-advisory/qsa-23-53

03 Oct 2025 20:07Current

6.9Medium risk

Vulners AI Score6.9

CVSS 3.15.5 - 7.2

EPSS0.00176

SSVC