216.73.217.22

CVE-2023-34974

· Published 06/09/2024 17:15 · Modified 13/09/2024 21:14

Labels: CVE-2023-34974 2024-09-06CVE-2023-34974CWE-78[email protected]

Essential information

Published
06/09/2024 17:15
Modified
13/09/2024 21:14
Author
Creator
CVSS
8.8 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. QuTScloud, QVR, QES are not affected. We have already fixed the vulnerability in the following versions: QTS 4.5.4.2790 build 20240605 and later QuTS hero h4.5.4.2626 build 20231225 and later

NVD status

Status
Analyzed — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
qnap / qts cpe:2.3:o:qnap:qts:4.5.4.1715:build_20210630:*:*:*:*:*:*
qnap / qts cpe:2.3:o:qnap:qts:4.5.4.1723:build_20210708:*:*:*:*:*:*
qnap / qts cpe:2.3:o:qnap:qts:4.5.4.1741:build_20210726:*:*:*:*:*:*
qnap / qts cpe:2.3:o:qnap:qts:4.5.4.1787:build_20210910:*:*:*:*:*:*
qnap / qts cpe:2.3:o:qnap:qts:4.5.4.1800:build_20210923:*:*:*:*:*:*
qnap / qts cpe:2.3:o:qnap:qts:4.5.4.1892:build_20211223:*:*:*:*:*:*
qnap / qts cpe:2.3:o:qnap:qts:4.5.4.1931:build_20220128:*:*:*:*:*:*
qnap / qts cpe:2.3:o:qnap:qts:4.5.4.2012:build_20220419:*:*:*:*:*:*
qnap / qts cpe:2.3:o:qnap:qts:4.5.4.2117:build_20220802:*:*:*:*:*:*
qnap / qts cpe:2.3:o:qnap:qts:4.5.4.2280:build_20230112:*:*:*:*:*:*
qnap / qts cpe:2.3:o:qnap:qts:4.5.4.2374:build_20230416:*:*:*:*:*:*
qnap / qts cpe:2.3:o:qnap:qts:4.5.4.2467:build_20230718:*:*:*:*:*:*
qnap / qts cpe:2.3:o:qnap:qts:4.5.4.2627:build_20231225:*:*:*:*:*:*
qnap / quts hero cpe:2.3:o:qnap:quts_hero:h4.5.4.1771:build_20210825:*:*:*:*:*:*
qnap / quts hero cpe:2.3:o:qnap:quts_hero:h4.5.4.1800:build_20210923:*:*:*:*:*:*
qnap / quts hero cpe:2.3:o:qnap:quts_hero:h4.5.4.1813:build_20211006:*:*:*:*:*:*
qnap / quts hero cpe:2.3:o:qnap:quts_hero:h4.5.4.1848:build_20211109:*:*:*:*:*:*
qnap / quts hero cpe:2.3:o:qnap:quts_hero:h4.5.4.1892:build_20211223:*:*:*:*:*:*
qnap / quts hero cpe:2.3:o:qnap:quts_hero:h4.5.4.1951:build_20220218:*:*:*:*:*:*
qnap / quts hero cpe:2.3:o:qnap:quts_hero:h4.5.4.1971:build_20220310:*:*:*:*:*:*
qnap / quts hero cpe:2.3:o:qnap:quts_hero:h4.5.4.1991:build_20220330:*:*:*:*:*:*
qnap / quts hero cpe:2.3:o:qnap:quts_hero:h4.5.4.2052:build_20220530:*:*:*:*:*:*
qnap / quts hero cpe:2.3:o:qnap:quts_hero:h4.5.4.2138:build_20220824:*:*:*:*:*:*
qnap / quts hero cpe:2.3:o:qnap:quts_hero:h4.5.4.2217:build_20221111:*:*:*:*:*:*
qnap / quts hero cpe:2.3:o:qnap:quts_hero:h4.5.4.2272:build_20230105:*:*:*:*:*:*
qnap / quts hero cpe:2.3:o:qnap:quts_hero:h4.5.4.2374:build_20230417:*:*:*:*:*:*
qnap / quts hero cpe:2.3:o:qnap:quts_hero:h4.5.4.2476:build_20230728:*:*:*:*:*:*
qnap / quts hero cpe:2.3:o:qnap:quts_hero:h4.5.4.2626:build_20231225:*:*:*:*:*:*

References