Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2023-23355
HistoryMar 29, 2023 - 5:15 a.m.

Command injection

2023-03-2905:15:00
PRIOn knowledge base
www.prio-n.com
5
command injection
qnap os
remote administrators
vulnerability fix
qts
quts hero
qutscloud
nvd

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.5%

JSON

An OS command injection vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote authenticated administrators to execute commands via unspecified vectors.
QES is not affected.

We have already fixed the vulnerability in the following versions:
QTS 5.0.1.2346 build 20230322 and later
QTS 4.5.4.2374 build 20230416 and later
QuTS hero h5.0.1.2348 build 20230324 and later
QuTS hero h4.5.4.2374 build 20230417 and later
QuTScloud c5.0.1.2374 and later

CPENameOperatorVersion
qtslt5.0.1.2346
quts_heroeq< h5.0.1.2348

Related

nessus 1
cvelist 1
cve 1
nvd 1
openvas 2
nessus
nessus
QNAP QTS / QuTS hero RCE (QSA-23-10)
2023-04-13 00:00:00
cvelist
cvelist
CVE-2023-23355 QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances), QVR
2023-03-29 04:02:59
cve
cve
CVE-2023-23355
2023-03-29 05:15:07
nvd
nvd
CVE-2023-23355
2023-03-29 05:15:07
openvas
openvas
QNAP QuTS hero Multiple Vulnerabilities (QSA-23-02, QSA-23-06, QSA-23-10, QSA-23-11, QSA-23-15)
2023-03-31 00:00:00
QNAP QTS Multiple Vulnerabilities (QSA-23-02, QSA-23-03, QSA-23-06, QSA-23-10, QSA-23-11, QSA-23-15)
2023-03-31 00:00:00

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.5%

JSON
Related for PRION:CVE-2023-23355
nessus1cvelist1cve1nvd1openvas2