CVE-2023-45025

02.02.2024, 16:15

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network.

We have already fixed the vulnerability in the following versions:
QTS 5.1.4.2596 build 20231128 and later
QTS 4.5.4.2627 build 20231225 and later
QuTS hero h5.1.4.2596 build 20231128 and later
QuTS hero h4.5.4.2626 build 20231225 and later
QuTScloud c5.1.5.2651 and later

Command Injection

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9 CRITICAL	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
qnap	CNA	9 CRITICAL	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 34%

Vendor	Product	Version
qnap	qts	4.5.4.1715:build_20210630
qnap	qts	4.5.4.1723:build_20210708
qnap	qts	4.5.4.1741:build_20210726
qnap	qts	4.5.4.1787:build_20210910
qnap	qts	4.5.4.1800:build_20210923
qnap	qts	4.5.4.1892:build_20211223
qnap	qts	4.5.4.1931:build_20220128
qnap	qts	4.5.4.2012:build_20220419
qnap	qts	4.5.4.2117:build_20220802
qnap	qts	4.5.4.2280:build_20230112
qnap	qts	4.5.4.2374:build_20230416
qnap	qts	4.5.4.2627
qnap	qts	5.1.0.2348:build_20230325
qnap	qts	5.1.0.2399:build_20230515
qnap	qts	5.1.0.2418:build_20230603
qnap	qts	5.1.0.2444:build_20230629
qnap	qts	5.1.0.2466:build_20230721
qnap	qts	5.1.1.2491:build_20230815
qnap	qts	5.1.2.2533:build_20230926
qnap	qts	5.1.3.2578:build_20231110
qnap	qts	5.1.4.2596

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

References

https://www.qnap.com/en/security-advisory/qsa-23-47