QNAP has released security advisories to address command injection vulnerabilities in multiple QNAP operating system versions. Tracked as CVE-2023-23368 and CVE-2023-23369, the vulnerabilities are rated as critical with a CVSS score of 9.8 and 9, respectively. Successful exploitation of the vulnerabilities may allow a remote attacker to execute commands via a network.
QNAP QTS provides advanced drive analysis and RAID disc replacement that protects your data delegated administration to reduce management workload. QTS comes with an SMB multichannel for improved performance and fault-tolerant connections.
Affected versions
CVE-2023-23368:
- QTS 5.0.x
- QTS 4.5.x
- QuTS hero h5.0.x
- QuTS hero h4.5.x
- QuTScloud c5.0.x
CVE-2023-23369:
- QTS 5.1.x
- QTS 4.3.6
- QTS 4.3.4
- QTS 4.3.3
- QTS 4.2.x
- Multimedia Console 2.1.x
- Multimedia Console 1.4.x
- Media Streaming add-on 500.1.x
- Media Streaming add-on 500.0.x
Mitigation
CVE-2023-23368:
- QuTScloud c5.0.1.2374 and later
- QTS 5.0.1.2376 build 20230421 and later
- QTS 4.5.4.2374 build 20230416 and later
- QuTS hero h5.0.1.2376 build 20230421 and later
- QuTS hero h4.5.4.2374 build 20230417 and later
CVE-2023-23369:
- QTS 5.1.0.2399 build 20230515 and later
- QTS 4.3.6.2441 build 20230621 and later
- QTS 4.3.4.2451 build 20230621 and later
- QTS 4.3.3.2420 build 20230621 and later
- QTS 4.2.6 build 20230621 and later
- Multimedia Console 2.1.2 (2023/05/04) and later
- Multimedia Console 1.4.8 (2023/05/05) and later
- Media Streaming add-on 500.1.1.2 (2023/06/12) and later
- Media Streaming add-on 500.0.0.11 (2023/06/16) and later
Please refer to the QNAP Security Advisories QSA-23-31 and QSA-23-35 for more information.
Qualys Detection
Qualys customers can scan their devices with QIDs 730968 and 730969 to detect vulnerable assets.
Please continue to follow Qualys Threat Protection for more coverage of the latest vulnerabilities.
References
https://www.qnap.com/en-uk/security-advisory/qsa-23-31
https://www.qnap.com/en-uk/security-advisory/qsa-23-35