QID 731155
Date Published: 2024-02-15
QID 731155: QNAP QTS OS Command Injection Vulnerability (QSA-23-57)
QTS is the operating system for all entry-level and mid-level QNAP NAS models.
Multiple vulnerabilities have been reported to affect several QNAP operating system versions. If exploited, the OS command injection vulnerabilities could allow users to execute commands via a network.
Affected Versions of QNAP QTS:
QTS from 5.1.0.2348 build 20230325 prior to 5.1.5.2645 build 20240116.
QTS 5.0.1.2034 build 20220515 prior to 5.1.5.2645 build 20240116.
QTS 5.0.0.1716 build 20210701 prior to 5.1.5.2645 build 20240116.
QTS 4.4.0.0883 build 20190323 to 4.4.0.0979 build 20190627.
QTS 4.4.1.0948 build 20190527 to 4.4.1.1261 build 20200330.
QTS 4.4.2.1270 build 20200410 to 4.4.2.1320 build 20200529.
QTS 4.4.3.1354 build 20200702 to 4.4.3.1444 build 20200930.
QTS 4.5.1.1456 build 20201015 to 4.5.1.1540 build 20210107.
QTS 4.5.2.1566 build 20210202 to 4.5.2.1630 build 20210406.
QTS 4.5.3.1652 build 20210428 to 4.5.3.1697 build 20210611.
QTS 4.5.4.1715 build 20210630 prior to 4.5.4.2627 build 20231225.
QTS 4.3.5.0675 build 20180822.
QTS 4.3.6.0895 build 20190328 prior to 4.3.6.2665 build 20240131.
QTS 4.3.4.0899 build 20190322 prior to 4.3.4.2675 build 20240131.
QTS 4.3.3.0174 build 20170503 prior to 4.3.3.2644 build 20240131.
QTS 4.2.6 build 20170517 prior to 4.2.6 build 20240131.
The following QNAP QTS versions are partially fixed:
QTS 5.1.0.2444 build 20230629 and later.
QTS 5.0.1.2145 build 20220903 and later.
QTS 5.0.0.1986 build 20220324 and later.
QTS 4.5.4.2012 build 20220419 and later.
QTS 4.3.6.2665 build 20240131 and later.
QTS 4.3.4.2675 build 20240131 and later.
QTS 4.3.3.2644 build 20240131 and later.
QTS 4.2.6 build 20240131 and later.
QID Detection Logic (Unauthenticated):
This QID checks for vulnerable versions of the QNAP QTS target by sending a GET request to the 'authLogin.cgi' endpoint.
Successful exploitation of the vulnerability could allow users to execute commands via a network.
- QSA-23-57: www.qnap.com/en/security-advisory/qsa-23-57
CVEs related to QID 731155
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| QSA-23-57 | | | |