CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-39297

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.9%

CVSS Severity

CVSS v3 Score 8.8

References

Products affected by CVE-2023-39297

Qnap » Qts » Version: 4.5.4.1715

cpe:2.3:o:qnap:qts:4.5.4.1715
Qnap » Qts » Version: 4.5.4.1723

cpe:2.3:o:qnap:qts:4.5.4.1723
Qnap » Qts » Version: 4.5.4.1741

cpe:2.3:o:qnap:qts:4.5.4.1741
Qnap » Qts » Version: 4.5.4.1787

cpe:2.3:o:qnap:qts:4.5.4.1787
Qnap » Qts » Version: 4.5.4.1800

cpe:2.3:o:qnap:qts:4.5.4.1800
Qnap » Qts » Version: 4.5.4.1892

cpe:2.3:o:qnap:qts:4.5.4.1892
Qnap » Qts » Version: 4.5.4.1931

cpe:2.3:o:qnap:qts:4.5.4.1931
Qnap » Qts » Version: 4.5.4.2012

cpe:2.3:o:qnap:qts:4.5.4.2012
Qnap » Qts » Version: 4.5.4.2117

cpe:2.3:o:qnap:qts:4.5.4.2117
Qnap » Qts » Version: 4.5.4.2280

cpe:2.3:o:qnap:qts:4.5.4.2280
Qnap » Qts » Version: 4.5.4.2374

cpe:2.3:o:qnap:qts:4.5.4.2374
Qnap » Qts » Version: 4.5.4.2627

cpe:2.3:o:qnap:qts:4.5.4.2627
Qnap » Qts » Version: 5.1.0.2348

cpe:2.3:o:qnap:qts:5.1.0.2348
Qnap » Qts » Version: 5.1.0.2399

cpe:2.3:o:qnap:qts:5.1.0.2399
Qnap » Qts » Version: 5.1.0.2418

cpe:2.3:o:qnap:qts:5.1.0.2418
Qnap » Qts » Version: 5.1.0.2444

cpe:2.3:o:qnap:qts:5.1.0.2444
Qnap » Qts » Version: 5.1.0.2466

cpe:2.3:o:qnap:qts:5.1.0.2466
Qnap » Qts » Version: 5.1.1.2491

cpe:2.3:o:qnap:qts:5.1.1.2491
Qnap » Qts » Version: 5.1.2.2533

cpe:2.3:o:qnap:qts:5.1.2.2533
Qnap » Qts » Version: 5.1.3.2578

cpe:2.3:o:qnap:qts:5.1.3.2578
Qnap » Qts » Version: 5.1.4.2596

cpe:2.3:o:qnap:qts:5.1.4.2596
Qnap » Quts Hero » Version: h4.5.4.1771

cpe:2.3:o:qnap:quts_hero:h4.5.4.1771
Qnap » Quts Hero » Version: h4.5.4.1800

cpe:2.3:o:qnap:quts_hero:h4.5.4.1800
Qnap » Quts Hero » Version: h4.5.4.1813

cpe:2.3:o:qnap:quts_hero:h4.5.4.1813
Qnap » Quts Hero » Version: h4.5.4.1848

cpe:2.3:o:qnap:quts_hero:h4.5.4.1848
Qnap » Quts Hero » Version: h4.5.4.1892

cpe:2.3:o:qnap:quts_hero:h4.5.4.1892
Qnap » Quts Hero » Version: h4.5.4.1951

cpe:2.3:o:qnap:quts_hero:h4.5.4.1951
Qnap » Quts Hero » Version: h4.5.4.1971

cpe:2.3:o:qnap:quts_hero:h4.5.4.1971
Qnap » Quts Hero » Version: h4.5.4.1991

cpe:2.3:o:qnap:quts_hero:h4.5.4.1991
Qnap » Quts Hero » Version: h4.5.4.2052

cpe:2.3:o:qnap:quts_hero:h4.5.4.2052
Qnap » Quts Hero » Version: h4.5.4.2138

cpe:2.3:o:qnap:quts_hero:h4.5.4.2138
Qnap » Quts Hero » Version: h4.5.4.2217

cpe:2.3:o:qnap:quts_hero:h4.5.4.2217
Qnap » Quts Hero » Version: h4.5.4.2272

cpe:2.3:o:qnap:quts_hero:h4.5.4.2272
Qnap » Quts Hero » Version: h4.5.4.2374

cpe:2.3:o:qnap:quts_hero:h4.5.4.2374
Qnap » Quts Hero » Version: h4.5.4.2476

cpe:2.3:o:qnap:quts_hero:h4.5.4.2476
Qnap » Quts Hero » Version: h4.5.4.2626

cpe:2.3:o:qnap:quts_hero:h4.5.4.2626
Qnap » Quts Hero » Version: h5.1.0.2409

cpe:2.3:o:qnap:quts_hero:h5.1.0.2409
Qnap » Quts Hero » Version: h5.1.0.2424

cpe:2.3:o:qnap:quts_hero:h5.1.0.2424
Qnap » Quts Hero » Version: h5.1.0.2453

cpe:2.3:o:qnap:quts_hero:h5.1.0.2453
Qnap » Quts Hero » Version: h5.1.0.2466

cpe:2.3:o:qnap:quts_hero:h5.1.0.2466
Qnap » Quts Hero » Version: h5.1.1.2488

cpe:2.3:o:qnap:quts_hero:h5.1.1.2488
Qnap » Quts Hero » Version: h5.1.2.2534

cpe:2.3:o:qnap:quts_hero:h5.1.2.2534
Qnap » Quts Hero » Version: h5.1.3.2578

cpe:2.3:o:qnap:quts_hero:h5.1.3.2578
Qnap » Quts Hero » Version: h5.1.4.2596

cpe:2.3:o:qnap:quts_hero:h5.1.4.2596
Qnap » Qutscloud » Version: c5.1.0.2498

cpe:2.3:o:qnap:qutscloud:c5.1.0.2498

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-39297

Products

Pricing

Contact Us