Unrated severityCISA KEVNVD Advisory· Published Dec 8, 2023· Updated Oct 21, 2025

Legacy VioStor NVR

CVE-2023-47565

Description

An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x. If exploited, the vulnerability could allow authenticated users to execute commands via a network.

We have already fixed the vulnerability in the following versions:

QVR Firmware 5.0.0 and later

Affected products

QNAP Systems Inc./VioStor NVRv5
Range: 4.x

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.qnap.com/en/security-advisory/qsa-23-48mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.069
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.000