Tag: QTS

QNAP QTS OS Command Injection Vulnerabilities (CVE-2023-47218 & CVE-2023-50358)

Posted by Author Diksha Ojha on Posted on

Two OS command injection vulnerabilities impact the operating systems embedded in the firmware of QNAP’s popular network-attached storage (NAS) devices. Tracked as CVE-2023-47218 and CVE-2023-50358, the vulnerabilities may allow users to execute commands via a network. The vulnerabilities affect QNAP operating systems such as QTS, QuTS Hero, and QuTS Cloud. CVE-2023-47218 can be exploited by … Continue reading “QNAP QTS OS Command Injection Vulnerabilities (CVE-2023-47218 & CVE-2023-50358)”

QNAP QTS Command Injection Vulnerabilities (CVE-2023-23368 & CVE-2023-23369)

Posted by Author Diksha Ojha on Posted on

QNAP has released security advisories to address command injection vulnerabilities in multiple QNAP operating system versions. Tracked as CVE-2023-23368 and CVE-2023-23369, the vulnerabilities are rated as critical with a CVSS score of 9.8 and 9, respectively. Successful exploitation of the vulnerabilities may allow a remote attacker to execute commands via a network.