CVE-2023-23356

Name of the Vulnerable Software and Affected Versions QuFirewall versions prior to 2.3.3

Description A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands.

Recommendations For QuFirewall versions prior to 2.3.3, update to version 2.3.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the QuFirewall module to minimize the risk of exploitation.