Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.QNAP_QTS_QUTS_HERO_QSA-23-42.NASL
HistoryOct 18, 2023 - 12:00 a.m.

QNAP QTS / QuTS hero Path Traversal (QSA-23-42)

2023-10-1800:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
6
qnap
qts
quts hero
path traversal
vulnerability
security patch
cve-2023-32974
network exposed data

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

38.6%

JSON

The version of QNAP QTS / QuTS hero installed on the remote host is affected by a vulnerability as referenced in the QSA-23-42 advisory. A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network.

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(183299);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/11/07");

  script_cve_id("CVE-2023-32974");

  script_name(english:"QNAP QTS / QuTS hero Path Traversal (QSA-23-42)");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch.");
  script_set_attribute(attribute:"description", value:
"The version of QNAP QTS / QuTS hero installed on the remote host is affected by a vulnerability as referenced in the
QSA-23-42 advisory. A path traversal vulnerability has been reported to affect several QNAP operating system versions. 
If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data 
via a network.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://www.qnap.com/en/security-advisory/QSA-23-42");
  script_set_attribute(attribute:"solution", value:
"Apply the solution referenced in the QSA-23-42 advisory");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-32974");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/10/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/10/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/10/18");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:qnap:qts");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:qnap:qts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:qnap:quts_hero");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("qnap_qts_quts_hero_web_detect.nbin", "qnap_qts_installed.nbin", "qnap_quts_hero_installed.nbin");
  script_require_ports("installed_sw/QNAP QTS", "installed_sw/QNAP QuTS hero");

  exit(0);
}

include('vcf.inc');
include('vcf_extras_qnap.inc');

var app_info = vcf::qnap::get_app_info();

var constraints = [
  { 'min_version' : '5.1.0', 'max_version' : '5.1.0', 'product' : 'QTS', 'fixed_display' : 'QTS 5.1.0.2444 build 20230629', 'Number' : '2444', 'Build' : '20230629' },
  { 'min_version' : '5.1.0', 'max_version' : '5.1.0', 'product' : 'QuTS hero', 'fixed_display' : 'QuTS hero h5.1.0.2424 build 20230609', 'Number' : '2424', 'Build' : '20230609' }
];
vcf::qnap::check_version_and_report(
    app_info:app_info,
    constraints:constraints,
    severity:SECURITY_HOLE
);
VendorProductVersionCPE
qnapqtscpe:/o:qnap:qts
qnapqtscpe:/a:qnap:qts
qnapquts_herocpe:/o:qnap:quts_hero

Related

prion 1
cvelist 1
openvas 3
nvd 1
cve 1
prion
prion
Path traversal
2023-10-13 20:15:00
cvelist
cvelist
CVE-2023-32974 QTS, QuTS hero, QuTScloud
2023-10-13 19:16:44
openvas
openvas
QNAP QuTS hero Path Traversal Vulnerability (QSA-23-42)
2023-10-17 00:00:00
QNAP QTS Path Traversal Vulnerability (QSA-23-42)
2023-10-16 00:00:00
QNAP QuTScloud Multiple Vulnerabilities (QSA-23-41, QSA-23-42)
2023-10-17 00:00:00
nvd
nvd
CVE-2023-32974
2023-10-13 20:15:10
cve
cve
CVE-2023-32974
2023-10-13 20:15:10

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

38.6%

JSON
Related for QNAP_QTS_QUTS_HERO_QSA-23-42.NASL
prion1cvelist1openvas3nvd1cve1