CVE-2023-23369

Name of the Vulnerable Software and Affected Versions QTS versions prior to 5.1.0.2399 build 20230515 QTS versions prior to 4.3.6.2441 build 20230621 QTS versions prior to 4.3.4.2451 build 20230621 QTS versions prior to 4.3.3.2420 build 20230621 QTS versions prior to 4.2.6 build 20230621 Multimedia Console versions prior to 2.1.2 Multimedia Console versions prior to 1.4.8 Media Streaming add-on versions prior to 500.1.1.2 Media Streaming add-on versions prior to 500.0.0.11

Description The issue is related to an OS command injection vulnerability that affects several QNAP operating system versions. If exploited, it could allow users to execute commands via a network.

Recommendations Update QTS to version 5.1.0.2399 build 20230515 or later. Update QTS to version 4.3.6.2441 build 20230621 or later. Update QTS to version 4.3.4.2451 build 20230621 or later. Update QTS to version 4.3.3.2420 build 20230621 or later. Update QTS to version 4.2.6 build 20230621 or later. Update Multimedia Console to version 2.1.2 or later. Update Multimedia Console to version 1.4.8 or later. Update Media Streaming add-on to version 500.1.1.2 or later. Update Media Streaming add-on to version 500.0.0.11 or later.