Vulnerabilities > CVE-2023-47565 - Unspecified vulnerability in Qnap QVR Firmware

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

qnap

NVD

Published: 2023-12-08

Updated: 2024-11-21

Summary

An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QVR Firmware 5.0.0 and later

Vulnerable Configurations

Part	Description	Count
OS	Qnap Qnap QVR Firmware *	1

References

https://www.qnap.com/en/security-advisory/qsa-23-48
https://www.qnap.com/en/security-advisory/qsa-23-48

Summary

Vulnerable Configurations

Related news

References