CVE-2023-23369
QTS, Multimedia Console, and Media Streaming add-on
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network.
We have already fixed the vulnerability in the following versions:
Multimedia Console 2.1.2 ( 2023/05/04 ) and later
Multimedia Console 1.4.8 ( 2023/05/05 ) and later
QTS 5.1.0.2399 build 20230515 and later
QTS 4.3.6.2441 build 20230621 and later
QTS 4.3.4.2451 build 20230621 and later
QTS 4.3.3.2420 build 20230621 and later
QTS 4.2.6 build 20230621 and later
Media Streaming add-on 500.1.1.2 ( 2023/06/12 ) and later
Media Streaming add-on 500.0.0.11 ( 2023/06/16 ) and later
Se ha informado que una vulnerabilidad de inyección de comandos del sistema operativo afecta a varias versiones del sistema operativo QNAP. Si se explota, la vulnerabilidad podría permitir a los usuarios ejecutar comandos a través de una red. Ya hemos solucionado la vulnerabilidad en las siguientes versiones: Multimedia Console 2.1.2 ( 2023/05/04 ) y posteriores Multimedia Console 1.4.8 ( 2023/05/05 ) y posteriores QTS 5.1.0.2399 build 20230515 y posteriores QTS 4.3.6.2441 build 20230621 y posteriores QTS 4.3.4.2451 build 20230621 y posteriores QTS 4.3.3.2420 build 20230621 y posteriores QTS 4.2.6 build 20230621 y posteriores Media Streaming add-on 500.1.1.2 ( 2023/06/12 ) y posteriores Media Streaming add-on 500.0.0.11 ( 2023/06/16 ) y posteriores
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-01-11 CVE Reserved
- 2023-11-03 CVE Published
- 2024-08-02 CVE Updated
- 2024-11-09 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
- CAPEC-88: OS Command Injection
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://www.qnap.com/en/security-advisory/qsa-23-35 | 2023-11-15 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 5.1.0.2348 Search vendor "Qnap" for product "Qts" and version "5.1.0.2348" | build_20230325 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.0895 Search vendor "Qnap" for product "Qts" and version "4.3.6.0895" | build_20190328 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.0907 Search vendor "Qnap" for product "Qts" and version "4.3.6.0907" | build_20190409 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.0923 Search vendor "Qnap" for product "Qts" and version "4.3.6.0923" | build_20190425 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.0944 Search vendor "Qnap" for product "Qts" and version "4.3.6.0944" | build_20190516 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.0959 Search vendor "Qnap" for product "Qts" and version "4.3.6.0959" | build_20190531 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.0979 Search vendor "Qnap" for product "Qts" and version "4.3.6.0979" | build_20190620 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.0993 Search vendor "Qnap" for product "Qts" and version "4.3.6.0993" | build_20190704 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.1013 Search vendor "Qnap" for product "Qts" and version "4.3.6.1013" | build_20190724 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.1033 Search vendor "Qnap" for product "Qts" and version "4.3.6.1033" | build_20190813 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.1070 Search vendor "Qnap" for product "Qts" and version "4.3.6.1070" | build_20190919 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.1154 Search vendor "Qnap" for product "Qts" and version "4.3.6.1154" | build_20191212 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.1218 Search vendor "Qnap" for product "Qts" and version "4.3.6.1218" | build_20200214 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.1263 Search vendor "Qnap" for product "Qts" and version "4.3.6.1263" | build_20200330 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.1286 Search vendor "Qnap" for product "Qts" and version "4.3.6.1286" | build_20200422 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.1333 Search vendor "Qnap" for product "Qts" and version "4.3.6.1333" | build_20200608 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.1411 Search vendor "Qnap" for product "Qts" and version "4.3.6.1411" | build_20200825 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.1446 Search vendor "Qnap" for product "Qts" and version "4.3.6.1446" | build_20200929 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.1620 Search vendor "Qnap" for product "Qts" and version "4.3.6.1620" | build_20210322 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.1663 Search vendor "Qnap" for product "Qts" and version "4.3.6.1663" | build_20210504 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.1711 Search vendor "Qnap" for product "Qts" and version "4.3.6.1711" | build_20210621 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.1750 Search vendor "Qnap" for product "Qts" and version "4.3.6.1750" | build_20210730 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.1831 Search vendor "Qnap" for product "Qts" and version "4.3.6.1831" | build_20211019 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.1907 Search vendor "Qnap" for product "Qts" and version "4.3.6.1907" | build_20220103 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.1965 Search vendor "Qnap" for product "Qts" and version "4.3.6.1965" | build_20220302 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.2050 Search vendor "Qnap" for product "Qts" and version "4.3.6.2050" | build_20220526 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.6.2232 Search vendor "Qnap" for product "Qts" and version "4.3.6.2232" | build_20221124 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.4.0899 Search vendor "Qnap" for product "Qts" and version "4.3.4.0899" | build_20190322 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.4.1029 Search vendor "Qnap" for product "Qts" and version "4.3.4.1029" | build_20190730 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.4.1082 Search vendor "Qnap" for product "Qts" and version "4.3.4.1082" | build_20190921 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.4.1190 Search vendor "Qnap" for product "Qts" and version "4.3.4.1190" | build_20200107 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.4.1282 Search vendor "Qnap" for product "Qts" and version "4.3.4.1282" | build_20200408 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.4.1368 Search vendor "Qnap" for product "Qts" and version "4.3.4.1368" | build_20200703 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.4.1417 Search vendor "Qnap" for product "Qts" and version "4.3.4.1417" | build_20200821 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.4.1463 Search vendor "Qnap" for product "Qts" and version "4.3.4.1463" | build_20201006 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.4.1632 Search vendor "Qnap" for product "Qts" and version "4.3.4.1632" | build_20210324 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.4.1652 Search vendor "Qnap" for product "Qts" and version "4.3.4.1652" | build_20210413 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.4.1976 Search vendor "Qnap" for product "Qts" and version "4.3.4.1976" | build_20220303 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.4.2107 Search vendor "Qnap" for product "Qts" and version "4.3.4.2107" | build_20220712 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.4.2242 Search vendor "Qnap" for product "Qts" and version "4.3.4.2242" | build_20221124 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.3.0174 Search vendor "Qnap" for product "Qts" and version "4.3.3.0174" | build_20170503 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.3.0868 Search vendor "Qnap" for product "Qts" and version "4.3.3.0868" | build_20190322 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.3.0998 Search vendor "Qnap" for product "Qts" and version "4.3.3.0998" | build_20190730 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.3.1051 Search vendor "Qnap" for product "Qts" and version "4.3.3.1051" | build_20190921 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.3.1098 Search vendor "Qnap" for product "Qts" and version "4.3.3.1098" | build_20191107 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.3.1161 Search vendor "Qnap" for product "Qts" and version "4.3.3.1161" | build_20200109 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.3.1252 Search vendor "Qnap" for product "Qts" and version "4.3.3.1252" | build_20200409 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.3.1315 Search vendor "Qnap" for product "Qts" and version "4.3.3.1315" | build_20200611 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.3.1386 Search vendor "Qnap" for product "Qts" and version "4.3.3.1386" | build_20200821 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.3.1432 Search vendor "Qnap" for product "Qts" and version "4.3.3.1432" | build_20201006 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.3.1624 Search vendor "Qnap" for product "Qts" and version "4.3.3.1624" | build_20210416 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.3.1677 Search vendor "Qnap" for product "Qts" and version "4.3.3.1677" | build_20210608 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.3.1693 Search vendor "Qnap" for product "Qts" and version "4.3.3.1693" | build_20210624 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.3.1799 Search vendor "Qnap" for product "Qts" and version "4.3.3.1799" | build_20211008 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.3.1864 Search vendor "Qnap" for product "Qts" and version "4.3.3.1864" | build_20211212 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.3.1945 Search vendor "Qnap" for product "Qts" and version "4.3.3.1945" | build_20220303 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.3.2057 Search vendor "Qnap" for product "Qts" and version "4.3.3.2057" | build_20220623 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.3.3.2211 Search vendor "Qnap" for product "Qts" and version "4.3.3.2211" | build_20221124 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.2.6 Search vendor "Qnap" for product "Qts" and version "4.2.6" | build_20170517 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.2.6 Search vendor "Qnap" for product "Qts" and version "4.2.6" | build_20190322 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.2.6 Search vendor "Qnap" for product "Qts" and version "4.2.6" | build_20190730 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.2.6 Search vendor "Qnap" for product "Qts" and version "4.2.6" | build_20190921 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.2.6 Search vendor "Qnap" for product "Qts" and version "4.2.6" | build_20191107 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.2.6 Search vendor "Qnap" for product "Qts" and version "4.2.6" | build_20200109 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.2.6 Search vendor "Qnap" for product "Qts" and version "4.2.6" | build_20200421 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.2.6 Search vendor "Qnap" for product "Qts" and version "4.2.6" | build_20200611 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.2.6 Search vendor "Qnap" for product "Qts" and version "4.2.6" | build_20200821 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.2.6 Search vendor "Qnap" for product "Qts" and version "4.2.6" | build_20210327 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.2.6 Search vendor "Qnap" for product "Qts" and version "4.2.6" | build_20211215 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.2.6 Search vendor "Qnap" for product "Qts" and version "4.2.6" | build_20220304 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.2.6 Search vendor "Qnap" for product "Qts" and version "4.2.6" | build_20220623 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Qts Search vendor "Qnap" for product "Qts" | 4.2.6 Search vendor "Qnap" for product "Qts" and version "4.2.6" | build_20221028 |
Affected
| ||||||
Qnap Search vendor "Qnap" | Multimedia Console Search vendor "Qnap" for product "Multimedia Console" | 2.1.0 Search vendor "Qnap" for product "Multimedia Console" and version "2.1.0" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Multimedia Console Search vendor "Qnap" for product "Multimedia Console" | 2.1.1 Search vendor "Qnap" for product "Multimedia Console" and version "2.1.1" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Multimedia Console Search vendor "Qnap" for product "Multimedia Console" | 1.4.3 Search vendor "Qnap" for product "Multimedia Console" and version "1.4.3" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Multimedia Console Search vendor "Qnap" for product "Multimedia Console" | 1.4.4 Search vendor "Qnap" for product "Multimedia Console" and version "1.4.4" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Multimedia Console Search vendor "Qnap" for product "Multimedia Console" | 1.4.5 Search vendor "Qnap" for product "Multimedia Console" and version "1.4.5" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Multimedia Console Search vendor "Qnap" for product "Multimedia Console" | 1.4.6 Search vendor "Qnap" for product "Multimedia Console" and version "1.4.6" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Multimedia Console Search vendor "Qnap" for product "Multimedia Console" | 1.4.7 Search vendor "Qnap" for product "Multimedia Console" and version "1.4.7" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Media Streaming Add-on Search vendor "Qnap" for product "Media Streaming Add-on" | 500.1.1.0 Search vendor "Qnap" for product "Media Streaming Add-on" and version "500.1.1.0" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Media Streaming Add-on Search vendor "Qnap" for product "Media Streaming Add-on" | 500.1.1.1 Search vendor "Qnap" for product "Media Streaming Add-on" and version "500.1.1.1" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Media Streaming Add-on Search vendor "Qnap" for product "Media Streaming Add-on" | 500.0.0.0 Search vendor "Qnap" for product "Media Streaming Add-on" and version "500.0.0.0" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Media Streaming Add-on Search vendor "Qnap" for product "Media Streaming Add-on" | 500.0.0.1 Search vendor "Qnap" for product "Media Streaming Add-on" and version "500.0.0.1" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Media Streaming Add-on Search vendor "Qnap" for product "Media Streaming Add-on" | 500.0.0.3 Search vendor "Qnap" for product "Media Streaming Add-on" and version "500.0.0.3" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Media Streaming Add-on Search vendor "Qnap" for product "Media Streaming Add-on" | 500.0.0.4 Search vendor "Qnap" for product "Media Streaming Add-on" and version "500.0.0.4" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Media Streaming Add-on Search vendor "Qnap" for product "Media Streaming Add-on" | 500.0.0.5 Search vendor "Qnap" for product "Media Streaming Add-on" and version "500.0.0.5" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Media Streaming Add-on Search vendor "Qnap" for product "Media Streaming Add-on" | 500.0.0.6 Search vendor "Qnap" for product "Media Streaming Add-on" and version "500.0.0.6" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Media Streaming Add-on Search vendor "Qnap" for product "Media Streaming Add-on" | 500.0.0.7 Search vendor "Qnap" for product "Media Streaming Add-on" and version "500.0.0.7" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Media Streaming Add-on Search vendor "Qnap" for product "Media Streaming Add-on" | 500.0.0.8 Search vendor "Qnap" for product "Media Streaming Add-on" and version "500.0.0.8" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Media Streaming Add-on Search vendor "Qnap" for product "Media Streaming Add-on" | 500.0.0.9 Search vendor "Qnap" for product "Media Streaming Add-on" and version "500.0.0.9" | - |
Affected
| ||||||
Qnap Search vendor "Qnap" | Media Streaming Add-on Search vendor "Qnap" for product "Media Streaming Add-on" | 500.0.0.10 Search vendor "Qnap" for product "Media Streaming Add-on" and version "500.0.0.10" | - |
Affected
|