Test ID:	1.3.6.1.4.1.25623.1.0.151639
Category:	General
Title:	QNAP QTS Multiple Vulnerabilities (QSA-23-46, QSA-23-53)
Summary:	QNAP QTS is prone to multiple vulnerabilities.
Description:	Summary: QNAP QTS is prone to multiple vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - CVE-2023-41292, CVE-2023-45035, CVE-2023-45036, CVE-2023-45037: Multiple buffer copy without checking size of input vulnerabilities have been reported to affect certain QNAP operating system versions. If exploited, these vulnerabilities could allow authenticated administrators to execute code via a network. - CVE-2023-41281, CVE-2023-41282, CVE-2023-41283: Multiple OS command injections have been reported to affect certain QNAP operating system versions. If exploited, these vulnerabilities could allow authenticated administrators to execute commands via a network. Affected Software/OS: QNAP QTS version 5.1.x. Solution: Update to version 5.1.4.2596 build 20231128 or later. CVSS Score: 8.3 CVSS Vector: AV:N/AC:L/Au:M/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2023-41281 https://www.qnap.com/en/security-advisory/qsa-23-53 Common Vulnerability Exposure (CVE) ID: CVE-2023-41282 Common Vulnerability Exposure (CVE) ID: CVE-2023-41283 Common Vulnerability Exposure (CVE) ID: CVE-2023-41292 https://www.qnap.com/en/security-advisory/qsa-23-46 Common Vulnerability Exposure (CVE) ID: CVE-2023-45035 Common Vulnerability Exposure (CVE) ID: CVE-2023-45036 Common Vulnerability Exposure (CVE) ID: CVE-2023-45037
Copyright	Copyright (C) 2024 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.