An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x. If exploited, the vulnerability could allow authenticated users to execute commands via a network.
We have already fixed the vulnerability in the following versions:
QVR Firmware 5.0.0 and later
References
Link | Resource |
---|---|
https://www.qnap.com/en/security-advisory/qsa-23-48 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: qnap
Published: 2023-12-08T16:06:29.861Z
Updated: 2023-12-08T16:06:29.861Z
Reserved: 2023-11-06T14:11:12.322Z
Link: CVE-2023-47565
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-12-08T16:15:16.367
Modified: 2023-12-22T02:00:01.337
Link: CVE-2023-47565
JSON object: View
Redhat Information
No data.
CWE