// For flags

CVE-2023-23355

QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances), QVR

Severity Score

7.2
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track
*SSVC
Descriptions

An OS command injection vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote authenticated administrators to execute commands via unspecified vectors.
QES is not affected. We have already fixed the vulnerability in the following versions:
QTS 5.0.1.2346 build 20230322 and later
QTS 4.5.4.2374 build 20230416 and later
QuTS hero h5.0.1.2348 build 20230324 and later
QuTS hero h4.5.4.2374 build 20230417 and later
QuTScloud c5.0.1.2374 and later

An OS command injection vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote authenticated administrators to execute commands via unspecified vectors. QES is not affected. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2346 build 20230322 and later QTS 4.5.4.2374 build 20230416 and later QuTS hero h5.0.1.2348 build 20230324 and later QuTS hero h4.5.4.2374 build 20230417 and later QuTScloud c5.0.1.2374 and later

*Credits: YC of the M1QLin security team
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
Low
Attack Vector
Network
Attack Complexity
Low
Authentication
Multiple
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:Track
Exploitation
None
Automatable
No
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2023-01-11 CVE Reserved
  • 2023-03-29 CVE Published
  • 2025-02-12 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
  • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
  • CAPEC-88: OS Command Injection
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
URL Date SRC
https://www.qnap.com/en/security-advisory/qsa-23-10 2023-09-01
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Qnap
Search vendor "Qnap"
 Qvp-41b Firmware
Search vendor "Qnap" for product "Qvp-41b Firmware"
--
Affected
in Qnap
Search vendor "Qnap"
 Qvp-41b
Search vendor "Qnap" for product "Qvp-41b"
--
Safe
Qnap
Search vendor "Qnap"
 Qvp-63b Firmware
Search vendor "Qnap" for product "Qvp-63b Firmware"
--
Affected
in Qnap
Search vendor "Qnap"
 Qvp-63b
Search vendor "Qnap" for product "Qvp-63b"
--
Safe
Qnap
Search vendor "Qnap"
 Qvp-85b Firmware
Search vendor "Qnap" for product "Qvp-85b Firmware"
--
Affected
in Qnap
Search vendor "Qnap"
 Qvp-85b
Search vendor "Qnap" for product "Qvp-85b"
--
Safe
Qnap
Search vendor "Qnap"
 Qvp-21a Firmware
Search vendor "Qnap" for product "Qvp-21a Firmware"
--
Affected
in Qnap
Search vendor "Qnap"
 Qvp-21a
Search vendor "Qnap" for product "Qvp-21a"
--
Safe
Qnap
Search vendor "Qnap"
 Qvp-41a Firmware
Search vendor "Qnap" for product "Qvp-41a Firmware"
--
Affected
in Qnap
Search vendor "Qnap"
 Qvp-41a
Search vendor "Qnap" for product "Qvp-41a"
--
Safe
Qnap
Search vendor "Qnap"
 Qvp-63a Firmware
Search vendor "Qnap" for product "Qvp-63a Firmware"
--
Affected
in Qnap
Search vendor "Qnap"
 Qvp-63a
Search vendor "Qnap" for product "Qvp-63a"
--
Safe
Qnap
Search vendor "Qnap"
 Qvp-85a Firmware
Search vendor "Qnap" for product "Qvp-85a Firmware"
--
Affected
in Qnap
Search vendor "Qnap"
 Qvp-85a
Search vendor "Qnap" for product "Qvp-85a"
--
Safe
Qnap
Search vendor "Qnap"
 Qvr
Search vendor "Qnap" for product "Qvr"
--
Affected
Qnap
Search vendor "Qnap"
 Qts
Search vendor "Qnap" for product "Qts"
 < 5.0.1.2346
Search vendor "Qnap" for product "Qts" and version " < 5.0.1.2346"
-
Affected
Qnap
Search vendor "Qnap"
 Quts Hero
Search vendor "Qnap" for product "Quts Hero"
 < h5.0.1.2348
Search vendor "Qnap" for product "Quts Hero" and version " < h5.0.1.2348"
-
Affected
Qnap
Search vendor "Qnap"
 Qutscloud
Search vendor "Qnap" for product "Qutscloud"
--
Affected