CVSS: 8.3EPSS: 0%CPEs: 18EXPL: 0CVE-2023-41283 – QTS, QuTS hero, QuTScloud
https://notcve.org/view.php?id=CVE-2023-41283
02 Feb 2024 — An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTScloud c5.1.5.2651 and later Se ha informado que una vulnerabilidad de inyección de comandos del sistema operativo afecta a varias versiones ... • https://www.qnap.com/en/security-advisory/qsa-23-53 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.3EPSS: 0%CPEs: 20EXPL: 0CVE-2023-41282 – QTS, QuTS hero, QuTScloud
https://notcve.org/view.php?id=CVE-2023-41282
02 Feb 2024 — An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTScloud c5.1.5.2651 and later Se ha informado que una vulnerabilidad de inyección de comandos del sistema operativo afecta a varias versiones ... • https://www.qnap.com/en/security-advisory/qsa-23-53 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.3EPSS: 0%CPEs: 18EXPL: 0CVE-2023-41281 – QTS, QuTS hero, QuTScloud
https://notcve.org/view.php?id=CVE-2023-41281
02 Feb 2024 — An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTScloud c5.1.5.2651 and later Se ha informado que una vulnerabilidad de inyección de comandos del sistema operativo afecta a varias versiones ... • https://www.qnap.com/en/security-advisory/qsa-23-53 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 45EXPL: 0CVE-2023-39297 – QTS, QuTS hero, QuTScloud
https://notcve.org/view.php?id=CVE-2023-39297
02 Feb 2024 — An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later Se ha informado que una vulnerabil... • https://www.qnap.com/en/security-advisory/qsa-23-30 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •