VYPR
Unrated severityNVD Advisory· Published Nov 10, 2023· Updated Feb 26, 2025

QTS, QuTS hero, QuTScloud

CVE-2023-23367

Description

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network.

We have already fixed the vulnerability in the following versions: QTS 5.0.1.2376 build 20230421 and later QuTS hero h5.0.1.2376 build 20230421 and later QuTScloud c5.1.0.2498 and later

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • Qnap/Qtsllm-fuzzy
    Range: <5.0.1.2376 build 20230421
  • Qnap/Quts Herollm-fuzzy
    Range: <h5.0.1.2376 build 20230421
  • Qnap/QuTScloudllm-fuzzy
    Range: <c5.1.0.2498
  • QNAP Systems Inc./QTSv5
    Range: 5.0.x
  • QNAP Systems Inc./QuTScloudv5
    Range: c5.x.x
  • QNAP Systems Inc./QuTS herov5
    Range: h5.0.x

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.