Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2023-23369

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: Multimedia Console 2.1.2 ( 2023/05/04 ) and later Multimedia Console 1.4.8 ( 2023/05/05 ) and later QTS 5.1.0.2399 build 20230515 and later QTS 4.3.6.2441 build 20230621 and later QTS 4.3.4.2451 build 20230621 and later QTS 4.3.3.2420 build 20230621 and later QTS 4.2.6 build 20230621 and later Media Streaming add-on 500.1.1.2 ( 2023/06/12 ) and later Media Streaming add-on 500.0.0.11 ( 2023/06/16 ) and later
Exploit prediction scoring system (EPSS) score
EPSS Score 0.15
EPSS Ranking 94.2%
CVSS Severity
CVSS v3 Score 9.0
Products affected by CVE-2023-23369
  • Qnap » Media Streaming Add-On » Version: 500.0.0.0
    cpe:2.3:a:qnap:media_streaming_add-on:500.0.0.0
  • Qnap » Media Streaming Add-On » Version: 500.0.0.1
    cpe:2.3:a:qnap:media_streaming_add-on:500.0.0.1
  • Qnap » Media Streaming Add-On » Version: 500.0.0.10
    cpe:2.3:a:qnap:media_streaming_add-on:500.0.0.10
  • Qnap » Media Streaming Add-On » Version: 500.0.0.3
    cpe:2.3:a:qnap:media_streaming_add-on:500.0.0.3
  • Qnap » Media Streaming Add-On » Version: 500.0.0.4
    cpe:2.3:a:qnap:media_streaming_add-on:500.0.0.4
  • Qnap » Media Streaming Add-On » Version: 500.0.0.5
    cpe:2.3:a:qnap:media_streaming_add-on:500.0.0.5
  • Qnap » Media Streaming Add-On » Version: 500.0.0.6
    cpe:2.3:a:qnap:media_streaming_add-on:500.0.0.6
  • Qnap » Media Streaming Add-On » Version: 500.0.0.7
    cpe:2.3:a:qnap:media_streaming_add-on:500.0.0.7
  • Qnap » Media Streaming Add-On » Version: 500.0.0.8
    cpe:2.3:a:qnap:media_streaming_add-on:500.0.0.8
  • Qnap » Media Streaming Add-On » Version: 500.0.0.9
    cpe:2.3:a:qnap:media_streaming_add-on:500.0.0.9
  • Qnap » Media Streaming Add-On » Version: 500.1.1.0
    cpe:2.3:a:qnap:media_streaming_add-on:500.1.1.0
  • Qnap » Media Streaming Add-On » Version: 500.1.1.1
    cpe:2.3:a:qnap:media_streaming_add-on:500.1.1.1
  • Qnap » Multimedia Console » Version: 1.4.3
    cpe:2.3:a:qnap:multimedia_console:1.4.3
  • Qnap » Multimedia Console » Version: 1.4.4
    cpe:2.3:a:qnap:multimedia_console:1.4.4
  • Qnap » Multimedia Console » Version: 1.4.5
    cpe:2.3:a:qnap:multimedia_console:1.4.5
  • Qnap » Multimedia Console » Version: 1.4.6
    cpe:2.3:a:qnap:multimedia_console:1.4.6
  • Qnap » Multimedia Console » Version: 1.4.7
    cpe:2.3:a:qnap:multimedia_console:1.4.7
  • Qnap » Multimedia Console » Version: 2.1.0
    cpe:2.3:a:qnap:multimedia_console:2.1.0
  • Qnap » Multimedia Console » Version: 2.1.1
    cpe:2.3:a:qnap:multimedia_console:2.1.1
  • Qnap » Qts » Version: 4.2.6
    cpe:2.3:o:qnap:qts:4.2.6
  • Qnap » Qts » Version: 4.3.3.0174
    cpe:2.3:o:qnap:qts:4.3.3.0174
  • Qnap » Qts » Version: 4.3.3.0868
    cpe:2.3:o:qnap:qts:4.3.3.0868
  • Qnap » Qts » Version: 4.3.3.0998
    cpe:2.3:o:qnap:qts:4.3.3.0998
  • Qnap » Qts » Version: 4.3.3.1051
    cpe:2.3:o:qnap:qts:4.3.3.1051
  • Qnap » Qts » Version: 4.3.3.1098
    cpe:2.3:o:qnap:qts:4.3.3.1098
  • Qnap » Qts » Version: 4.3.3.1161
    cpe:2.3:o:qnap:qts:4.3.3.1161
  • Qnap » Qts » Version: 4.3.3.1252
    cpe:2.3:o:qnap:qts:4.3.3.1252
  • Qnap » Qts » Version: 4.3.3.1315
    cpe:2.3:o:qnap:qts:4.3.3.1315
  • Qnap » Qts » Version: 4.3.3.1386
    cpe:2.3:o:qnap:qts:4.3.3.1386
  • Qnap » Qts » Version: 4.3.3.1432
    cpe:2.3:o:qnap:qts:4.3.3.1432
  • Qnap » Qts » Version: 4.3.3.1624
    cpe:2.3:o:qnap:qts:4.3.3.1624
  • Qnap » Qts » Version: 4.3.3.1677
    cpe:2.3:o:qnap:qts:4.3.3.1677
  • Qnap » Qts » Version: 4.3.3.1693
    cpe:2.3:o:qnap:qts:4.3.3.1693
  • Qnap » Qts » Version: 4.3.3.1799
    cpe:2.3:o:qnap:qts:4.3.3.1799
  • Qnap » Qts » Version: 4.3.3.1864
    cpe:2.3:o:qnap:qts:4.3.3.1864
  • Qnap » Qts » Version: 4.3.3.1945
    cpe:2.3:o:qnap:qts:4.3.3.1945
  • Qnap » Qts » Version: 4.3.3.2057
    cpe:2.3:o:qnap:qts:4.3.3.2057
  • Qnap » Qts » Version: 4.3.3.2211
    cpe:2.3:o:qnap:qts:4.3.3.2211
  • Qnap » Qts » Version: 4.3.4.0899
    cpe:2.3:o:qnap:qts:4.3.4.0899
  • Qnap » Qts » Version: 4.3.4.1029
    cpe:2.3:o:qnap:qts:4.3.4.1029
  • Qnap » Qts » Version: 4.3.4.1082
    cpe:2.3:o:qnap:qts:4.3.4.1082
  • Qnap » Qts » Version: 4.3.4.1190
    cpe:2.3:o:qnap:qts:4.3.4.1190
  • Qnap » Qts » Version: 4.3.4.1282
    cpe:2.3:o:qnap:qts:4.3.4.1282
  • Qnap » Qts » Version: 4.3.4.1368
    cpe:2.3:o:qnap:qts:4.3.4.1368
  • Qnap » Qts » Version: 4.3.4.1417
    cpe:2.3:o:qnap:qts:4.3.4.1417
  • Qnap » Qts » Version: 4.3.4.1463
    cpe:2.3:o:qnap:qts:4.3.4.1463
  • Qnap » Qts » Version: 4.3.4.1632
    cpe:2.3:o:qnap:qts:4.3.4.1632
  • Qnap » Qts » Version: 4.3.4.1652
    cpe:2.3:o:qnap:qts:4.3.4.1652
  • Qnap » Qts » Version: 4.3.4.1976
    cpe:2.3:o:qnap:qts:4.3.4.1976
  • Qnap » Qts » Version: 4.3.4.2107
    cpe:2.3:o:qnap:qts:4.3.4.2107
  • Qnap » Qts » Version: 4.3.4.2242
    cpe:2.3:o:qnap:qts:4.3.4.2242
  • Qnap » Qts » Version: 4.3.6.0895
    cpe:2.3:o:qnap:qts:4.3.6.0895
  • Qnap » Qts » Version: 4.3.6.0907
    cpe:2.3:o:qnap:qts:4.3.6.0907
  • Qnap » Qts » Version: 4.3.6.0923
    cpe:2.3:o:qnap:qts:4.3.6.0923
  • Qnap » Qts » Version: 4.3.6.0944
    cpe:2.3:o:qnap:qts:4.3.6.0944
  • Qnap » Qts » Version: 4.3.6.0959
    cpe:2.3:o:qnap:qts:4.3.6.0959
  • Qnap » Qts » Version: 4.3.6.0979
    cpe:2.3:o:qnap:qts:4.3.6.0979
  • Qnap » Qts » Version: 4.3.6.0993
    cpe:2.3:o:qnap:qts:4.3.6.0993
  • Qnap » Qts » Version: 4.3.6.1013
    cpe:2.3:o:qnap:qts:4.3.6.1013
  • Qnap » Qts » Version: 4.3.6.1033
    cpe:2.3:o:qnap:qts:4.3.6.1033
  • Qnap » Qts » Version: 4.3.6.1070
    cpe:2.3:o:qnap:qts:4.3.6.1070
  • Qnap » Qts » Version: 4.3.6.1154
    cpe:2.3:o:qnap:qts:4.3.6.1154
  • Qnap » Qts » Version: 4.3.6.1218
    cpe:2.3:o:qnap:qts:4.3.6.1218
  • Qnap » Qts » Version: 4.3.6.1263
    cpe:2.3:o:qnap:qts:4.3.6.1263
  • Qnap » Qts » Version: 4.3.6.1286
    cpe:2.3:o:qnap:qts:4.3.6.1286
  • Qnap » Qts » Version: 4.3.6.1333
    cpe:2.3:o:qnap:qts:4.3.6.1333
  • Qnap » Qts » Version: 4.3.6.1411
    cpe:2.3:o:qnap:qts:4.3.6.1411
  • Qnap » Qts » Version: 4.3.6.1446
    cpe:2.3:o:qnap:qts:4.3.6.1446
  • Qnap » Qts » Version: 4.3.6.1620
    cpe:2.3:o:qnap:qts:4.3.6.1620
  • Qnap » Qts » Version: 4.3.6.1663
    cpe:2.3:o:qnap:qts:4.3.6.1663
  • Qnap » Qts » Version: 4.3.6.1711
    cpe:2.3:o:qnap:qts:4.3.6.1711
  • Qnap » Qts » Version: 4.3.6.1750
    cpe:2.3:o:qnap:qts:4.3.6.1750
  • Qnap » Qts » Version: 4.3.6.1831
    cpe:2.3:o:qnap:qts:4.3.6.1831
  • Qnap » Qts » Version: 4.3.6.1907
    cpe:2.3:o:qnap:qts:4.3.6.1907
  • Qnap » Qts » Version: 4.3.6.1965
    cpe:2.3:o:qnap:qts:4.3.6.1965
  • Qnap » Qts » Version: 4.3.6.2050
    cpe:2.3:o:qnap:qts:4.3.6.2050
  • Qnap » Qts » Version: 4.3.6.2232
    cpe:2.3:o:qnap:qts:4.3.6.2232
  • Qnap » Qts » Version: 5.1.0.2348
    cpe:2.3:o:qnap:qts:5.1.0.2348


Contact Us

Shodan ® - All rights reserved