QNAP QTS Multiple Vulnerabilities (QSA-24-32)

QNAP QTS is prone to multiple OS command injection vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts";...

CVE-2023-34974

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. QuTScloud, QVR, QES are not affected. We have already fixed the vulnerability in the following versions: Q...

CVE-2023-34974

The CVE-2023-34974 entry is an OS command injection affecting QNAP QTS and QTS Hero (QTS versions prior to 4.5.4.2790 build 20240605 and later, and QuTS Hero prior to h4.5.4.2626 build 20231225 and later). QuTScloud, QVR, and QES are not affected. Root cause is a network-exposed command-injection...

CVE-2023-34974 QTS, QuTS hero, QuTScloud, QVR, QES

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. QuTScloud, QVR, QES are not affected. We have already fixed the vulnerability in the following versions: Q...

CVE-2023-34974 QTS, QuTS hero, QuTScloud, QVR, QES

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. QuTScloud, QVR, QES are not affected. We have already fixed the vulnerability in the following versions: Q...