An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x. If exploited, the vulnerability could allow authenticated users to execute commands via a network.
We have already fixed the vulnerability in the following versions:
QVR Firmware 5.0.0 and later
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.qnap.com/en/security-advisory/qsa-23-48 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: qnap
Published: 2023-12-08T16:06:29.861Z
Updated: 2024-08-02T21:09:37.379Z
Reserved: 2023-11-06T14:11:12.322Z
Link: CVE-2023-47565
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-12-08T16:15:16.367
Modified: 2023-12-22T02:00:01.337
Link: CVE-2023-47565
Redhat
No data.