
Qnap: Fourteen Security Advisories on Resolved Vulnerabilities

Concerning QTS and QuTS hero NAS OS, QuTScloud, Qsync Central, OpenSSH, and Photo Station

Qnap Systems, Inc. has published fourteen security advisories for vulnerabilities affecting specific versions of the company's products. All are marked Resolved; the first fixed version is listed under each advisory.

Use the following information to determine whether an installed version is affected and which release corrects it.

The advisories are:

Vulnerability in QTS and QuTS hero

Security ID: QSA-23-30
Release date: February 3, 2024
CVE identifier: CVE-2023-39297
Severity: High
Status: Resolved
Affected products: QTS 5.1.x, QuTS hero h5.1.x

Summary
An OS command injection vulnerability has been reported to affect certain Qnap OS versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network.

The company has already fixed the vulnerability in the following versions:

Affected product       Fixed version
QTS 5.1.x              QTS 5.1.4.2596 build 20231128 and later
QuTS hero h5.1.x       QuTS hero h5.1.4.2596 build 20231128 and later

Multiple Vulnerabilities in QTS and QuTS hero

Security ID: QSA-23-33
Release date: February 3, 2024
CVE identifier: CVE-2023-39302 | CVE-2023-39303
Severity: Medium
Status: Resolved
Affected products: QTS 5.1.x, QuTS hero h5.1.x

Summary
Multiple vulnerabilities have been reported to affect certain Qnap OS versions:

  • CVE-2023-39302: If exploited, the OS command injection vulnerability could allow authenticated administrators to execute commands via a network.

  • CVE-2023-39303: If exploited, the improper authentication vulnerability could allow users to compromise the security of the system via a network.

The company has already fixed the vulnerabilities in the following versions:

Affected product       Fixed version
QTS 5.1.x              QTS 5.1.3.2578 build 20231110 and later
QuTS hero h5.1.x       QuTS hero h5.1.3.2578 build 20231110 and later

Multiple Vulnerabilities in QTS and QuTS hero

Security ID: QSA-23-38
Release date: February 3, 2024
CVE identifier: CVE-2023-41273 | CVE-2023-41274 | CVE-2023-41275 | CVE-2023-41276 | CVE-2023-41277 | CVE-2023-41278 | CVE-2023-41279 | CVE-2023-41280
Severity: Medium
Status: Resolved
Affected products: QTS 5.1.x, QuTS hero h5.1.x

Summary
Multiple vulnerabilities have been reported to affect certain Qnap OS versions:

  • CVE-2023-41273: If exploited, the heap-based buffer overflow vulnerability could allow authenticated administrators to execute code via a network.

  • CVE-2023-41274: If exploited, the NULL pointer dereference vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network.

  • CVE-2023-41275, CVE-2023-41276, CVE-2023-41277, CVE-2023-41278, CVE-2023-41279, CVE-2023-41280: If exploited, these buffer copy without checking size of input vulnerabilities could allow authenticated administrators to execute code via a network.

The company has already fixed the vulnerabilities in the following versions:

Affected product       Fixed version
QTS 5.1.x              QTS 5.1.2.2533 build 20230926 and later
QuTS hero h5.1.x       QuTS hero h5.1.2.2534 build 20230927 and later

Multiple Vulnerabilities in QTS and QuTS hero

Security ID: QSA-23-46
Release date: February 3, 2024
CVE identifier: CVE-2023-41292 | CVE-2023-45035 | CVE-2023-45036 | CVE-2023-45037
Severity: Low
Status: Resolved
Affected products: QTS 5.1.x, QuTS hero h5.1.x

Summary
Multiple buffer copy without checking size of input vulnerabilities have been reported to affect certain Qnap OS versions. If exploited, these vulnerabilities could allow authenticated administrators to execute code via a network.

The company has already fixed the vulnerabilities in the following versions:

Affected product       Fixed version
QTS 5.1.x              QTS 5.1.4.2596 build 20231128 and later
QuTS hero h5.1.x       QuTS hero h5.1.4.2596 build 20231128 and later

Vulnerability in QTS and QuTS hero

Security ID: QSA-23-47
Release date: February 3, 2024
CVE identifier: CVE-2023-45025
Severity: Critical
Status: Resolved
Affected products: QTS 5.1.x, QuTS hero h5.1.x

Summary
An OS command injection vulnerability has been reported to affect certain Qnap OS versions. If exploited, the vulnerability could allow users to execute commands via a network when the system is in a certain configuration. Unlike the other command injection advisories on this page, this one does not limit the attacker to authenticated users, which is consistent with its Critical rating.

The company has already fixed the vulnerability in the following versions:

Affected product       Fixed version
QTS 5.1.x              QTS 5.1.4.2596 build 20231128 and later
QuTS hero h5.1.x       QuTS hero h5.1.4.2596 build 20231128 and later

Multiple Vulnerabilities in QTS and QuTS hero

Security ID: QSA-23-53
Release date: February 3, 2024
CVE identifier: CVE-2023-41281 | CVE-2023-41282 | CVE-2023-41283
Severity: Medium
Status: Resolved
Affected products: QTS 5.1.x, QuTS hero h5.1.x

Summary
Multiple OS command injection vulnerabilities have been reported to affect certain Qnap OS versions. If exploited, these vulnerabilities could allow authenticated administrators to execute commands via a network.

The company has already fixed the vulnerabilities in the following versions:

Affected product       Fixed version
QTS 5.1.x              QTS 5.1.4.2596 build 20231128 and later
QuTS hero h5.1.x       QuTS hero h5.1.4.2596 build 20231128 and later

Vulnerability in QTS and QuTScloud

Security ID: QSA-24-01
Release date: February 3, 2024
CVE identifier: CVE-2023-32967
Severity: Medium
Status: Resolved
Affected products: QTS 4.5.x, QuTScloud c5.x

Summary
An incorrect authorization vulnerability has been reported to affect certain Qnap OS versions. If exploited, the vulnerability could allow authenticated users to bypass intended access restrictions via a network.

The company has already fixed the vulnerability in the following versions:

Affected product       Fixed version
QTS 4.5.x              QTS 4.5.4.2627 build 20231225 and later
QuTScloud c5.x         QuTScloud c5.1.5.2651 and later

QTS 5.x and QuTS hero are not affected.

Multiple Vulnerabilities in QTS, QuTS hero, and QuTScloud

Security ID: QSA-24-02
Release date: February 3, 2024
CVE identifier: CVE-2023-45026 | CVE-2023-45027 | CVE-2023-45028
Severity: Medium
Status: Resolved
Affected products: QTS 5.1.x, QuTS hero h5.1.x, QuTScloud c5.x

Summary
Multiple vulnerabilities have been reported to affect several Qnap OS versions:

  • CVE-2023-45026 and CVE-2023-45027: If exploited, the path traversal vulnerabilities could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network.

  • CVE-2023-45028: If exploited, the uncontrolled resource consumption vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network.

The company has already fixed the vulnerabilities in the following versions:

Affected product       Fixed version
QTS 5.1.x              QTS 5.1.5.2645 build 20240116 and later
QuTS hero h5.1.x       QuTS hero h5.1.5.2647 build 20240118 and later
QuTScloud c5.x         QuTScloud c5.1.5.2651 and later

Vulnerability in Qsync Central

Security ID: QSA-24-03
Release date: February 3, 2024
CVE identifier: CVE-2023-47564
Severity: High
Status: Resolved
Affected products: Qsync Central 4.4.x, 4.3.x

Summary
An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify critical resources via a network.

The company has already fixed the vulnerability in the following versions:

Affected product       Fixed version
Qsync Central 4.4.x    Qsync Central 4.4.0.15 (2024/01/04) and later
Qsync Central 4.3.x    Qsync Central 4.3.0.11 (2024/01/11) and later

Vulnerability in QTS, QuTS hero, and QuTScloud

Security ID: QSA-24-04
Release date: February 3, 2024
CVE identifier: CVE-2023-47566
Severity: Medium
Status: Resolved
Affected products: QTS 5.1.x, QuTS hero h5.1.x, QuTScloud c5.x

Summary
An OS command injection vulnerability has been reported to affect several Qnap OS versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network.

The company has already fixed the vulnerability in the following versions:

Affected product       Fixed version
QTS 5.1.x              QTS 5.1.5.2645 build 20240116 and later
QuTS hero h5.1.x       QuTS hero h5.1.5.2647 build 20240118 and later
QuTScloud c5.x         QuTScloud c5.1.5.2651 and later

Multiple Vulnerabilities in QTS, QuTS hero, and QuTScloud

Security ID: QSA-24-05
Release date: February 3, 2024
CVE identifier: CVE-2023-47567 | CVE-2023-47568
Severity: High
Status: Resolved
Affected products: QTS 5.1.x, 4.5.x; QuTS hero h5.1.x, h4.5.x; QuTScloud c5.x

Summary
Two vulnerabilities have been reported to affect several Qnap OS versions:

  • CVE-2023-47567: If exploited, the OS command injection vulnerability could allow authenticated administrators to execute commands via a network.

  • CVE-2023-47568: If exploited, the SQL injection vulnerability could allow authenticated users to inject malicious code via a network.

The company has already fixed the vulnerabilities in the following versions:

Affected product       Fixed version
QTS 5.1.x              QTS 5.1.5.2645 build 20240116 and later
QTS 4.5.x              QTS 4.5.4.2627 build 20231225 and later
QuTS hero h5.1.x       QuTS hero h5.1.5.2647 build 20240118 and later
QuTS hero h4.5.x       QuTS hero h4.5.4.2626 build 20231225 and later
QuTScloud c5.x         QuTScloud c5.1.5.2651 and later

Vulnerability in OpenSSH

Security ID: QSA-24-06
Release date: February 3, 2024
CVE identifier: CVE-2023-48795
Severity: Medium
Status: Resolved
Affected products: QTS 5.1.x, QuTS hero h5.1.x

Summary
CVE-2023-48795 is the prefix truncation weakness in the SSH transport protocol handshake known as Terrapin: an active man-in-the-middle can silently drop messages at the start of the secure channel when chacha20-poly1305@openssh.com, or a CBC cipher combined with an encrypt-then-MAC MAC, is negotiated. It has been reported to affect the OpenSSH build shipped with certain Qnap OS versions. Upstream OpenSSH 9.6 mitigates it with the strict key exchange extension, which protects a connection only when both the client and the server support it, so SSH clients that connect to the NAS need updating as well.

The company has already fixed the vulnerability in the following versions:

Affected product       Fixed version
QTS 5.1.x              QTS 5.1.5.2645 build 20240116 and later
QuTS hero h5.1.x       QuTS hero h5.1.5.2647 build 20240118 and later
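Whether a given SSH connection is actually exposed to CVE-2023-48795 depends on what the two sides negotiate, not only on the server's patch level. The following is an added example written for this page, not code from Qnap or OpenSSH: it parses both sides' SSH_MSG_KEXINIT payloads (RFC 4253 section 7.1), applies the RFC negotiation rule, and reports exposure using the two conditions above (no strict key exchange on both sides, and a ChaCha20-Poly1305 or CBC-with-EtM cipher suite). The payloads are constructed inline rather than captured from a real NAS, and the helper `build_kexinit` and the sample names `CLIENT_OLD`, `SERVER_STRICT` and so on are this example's own.

```python
import struct

SSH_MSG_KEXINIT = 20
STRICT_KEX_CLIENT = "kex-strict-c-v00@openssh.com"   # offered by a patched client
STRICT_KEX_SERVER = "kex-strict-s-v00@openssh.com"   # offered by a patched server
AEAD_CHACHA = "chacha20-poly1305@openssh.com"

_FIELDS = ("kex", "hostkey", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
           "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")


def _name_list(buf, off):
    """Decode one RFC 4251 name-list: uint32 length, then comma-separated names."""
    (n,) = struct.unpack_from(">I", buf, off)
    raw = buf[off + 4:off + 4 + n]
    if len(raw) != n:
        raise ValueError("truncated name-list")
    return (raw.decode("ascii").split(",") if n else []), off + 4 + n


def parse_kexinit(payload):
    """Split an SSH_MSG_KEXINIT payload into its ten name-lists, keyed by _FIELDS."""
    if not payload or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not a KEXINIT payload")
    off, out = 1 + 16, {}                  # skip the message id and the 16-byte cookie
    for field in _FIELDS:
        out[field], off = _name_list(payload, off)
    return out


def build_kexinit(kex, enc, mac, hostkey=("ssh-ed25519",), comp=("none",)):
    """Encode a minimal KEXINIT payload; used here only to construct sample data."""
    def nl(names):
        raw = ",".join(names).encode("ascii")
        return struct.pack(">I", len(raw)) + raw
    body = bytes([SSH_MSG_KEXINIT]) + bytes(16)        # all-zero cookie: test data only
    for names in (kex, hostkey, enc, enc, mac, mac, comp, comp, (), ()):
        body += nl(names)
    return body + b"\x00" + b"\x00\x00\x00\x00"         # first_kex_packet_follows, reserved


def negotiate(client, server):
    """RFC 4253 rule: the first algorithm in the client's list that the server also lists."""
    return next((name for name in client if name in server), None)


def terrapin_exposure(client_kexinit, server_kexinit):
    """Return (exposed, reason) for one connection from both sides' KEXINIT payloads.

    Exposed means: strict key exchange is not supported by both peers, and a
    negotiated direction uses chacha20-poly1305@openssh.com or a CBC cipher
    together with an encrypt-then-MAC MAC, the two suites the attack targets.
    """
    c, s = parse_kexinit(client_kexinit), parse_kexinit(server_kexinit)
    if STRICT_KEX_CLIENT in c["kex"] and STRICT_KEX_SERVER in s["kex"]:
        return False, "strict key exchange supported by both sides"
    for d in ("c2s", "s2c"):
        enc = negotiate(c["enc_" + d], s["enc_" + d])
        mac = negotiate(c["mac_" + d], s["mac_" + d])
        if enc == AEAD_CHACHA:
            return True, f"{d}: {enc} without strict kex"
        if enc and enc.endswith("-cbc") and mac and mac.endswith("-etm@openssh.com"):
            return True, f"{d}: {enc} with {mac} without strict kex"
    return False, "negotiated cipher/MAC pair is not one the attack applies to"


# Constructed sample exchanges (not captured from a real NAS).
CLIENT_ENC = (AEAD_CHACHA, "aes256-gcm@openssh.com", "aes256-cbc")
CLIENT_MAC = ("hmac-sha2-256-etm@openssh.com", "hmac-sha2-256")
CLIENT_OLD = build_kexinit(("curve25519-sha256",), CLIENT_ENC, CLIENT_MAC)
CLIENT_STRICT = build_kexinit(("curve25519-sha256", STRICT_KEX_CLIENT), CLIENT_ENC, CLIENT_MAC)
SERVER_OLD = build_kexinit(("curve25519-sha256",), (AEAD_CHACHA, "aes256-gcm@openssh.com"), CLIENT_MAC)
SERVER_STRICT = build_kexinit(("curve25519-sha256", STRICT_KEX_SERVER), (AEAD_CHACHA, "aes256-gcm@openssh.com"), CLIENT_MAC)
SERVER_CBC_ETM = build_kexinit(("curve25519-sha256",), ("aes256-cbc",), ("hmac-sha2-256-etm@openssh.com",))
SERVER_GCM = build_kexinit(("curve25519-sha256",), ("aes256-gcm@openssh.com",), CLIENT_MAC)

if __name__ == "__main__":
    for label, cli, srv in [("old client / old server", CLIENT_OLD, SERVER_OLD),
                            ("strict client / strict server", CLIENT_STRICT, SERVER_STRICT),
                            ("strict client / old server", CLIENT_STRICT, SERVER_OLD),
                            ("old client / CBC+EtM server", CLIENT_OLD, SERVER_CBC_ETM),
                            ("old client / GCM-only server", CLIENT_OLD, SERVER_GCM)]:
        print(f"{label}: {terrapin_exposure(cli, srv)}")
```

The third sample case is the one to note operationally: a patched client talking to a NAS still on a pre-fix build (or the reverse) is still exposed, because the strict-kex pseudo-algorithm only takes effect when it appears in both KEXINIT messages. Until both sides are updated, removing chacha20-poly1305@openssh.com and the *-etm@openssh.com MACs from the offered lists is the interim mitigation the check above would report as not exposed.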

 

Vulnerability in QTS and QuTS hero

Security ID: QSA-24-07
Release date: February 3, 2024
CVE identifier: CVE-2023-50359
Severity: Low
Status: Resolved
Affected products: QTS 5.1.x, QuTS hero h5.1.x

Summary
An unchecked return value vulnerability has been reported to affect certain Qnap OS versions. If exploited, the vulnerability could allow local authenticated administrators to place the system in a state that could lead to a crash or other unintended behaviors via unspecified vectors.

The company has already fixed the vulnerability in the following versions:

Affected product       Fixed version
QTS 5.1.x              QTS 5.1.5.2645 build 20240116 and later
QuTS hero h5.1.x       QuTS hero h5.1.5.2647 build 20240118 and later

Multiple Vulnerabilities in Photo Station

Security ID: QSA-24-08
Release date: February 3, 2024
CVE identifier: CVE-2023-47561 | CVE-2023-47562
Severity: Medium
Status: Resolved
Affected products: Photo Station 6.4.x

Summary
Two vulnerabilities have been reported to affect Photo Station:

  • CVE-2023-47561: If exploited, the cross-site scripting (XSS) vulnerability could allow authenticated users to inject malicious code via a network.

  • CVE-2023-47562: If exploited, the OS command injection vulnerability could allow authenticated users to execute commands via a network.

The company has already fixed the vulnerabilities in the following versions:

Affected product       Fixed version
Photo Station 6.4.x    Photo Station 6.4.2 (2023/12/15) and later
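Because most of the fourteen advisories above share a handful of fixed builds, the practical question for an administrator is which advisories a particular installed version still lacks. The following is an added example, not Qnap's own tooling: it encodes every fixed-version table on this page and compares an installed version string against them, parsing the three spellings the advisories use (`5.1.4.2596 build 20231128`, the `h`/`c`-prefixed QuTS hero and QuTScloud numbers, and app versions such as `4.4.0.15 (2024/01/04)`). Obtaining the installed version string from the NAS is outside the script; the rule that an advisory applies only to the x.y branch it names is this example's assumption, and the names `check`, `is_fixed` and `parse_version` are its own.

```python
import re

# Fixed versions exactly as listed in the fourteen advisories on this page:
# (advisory, product, affected branch, first fixed version)
ADVISORIES = [
    ("QSA-23-30", "QTS", "5.1.x", "5.1.4.2596 build 20231128"),
    ("QSA-23-30", "QuTS hero", "h5.1.x", "h5.1.4.2596 build 20231128"),
    ("QSA-23-33", "QTS", "5.1.x", "5.1.3.2578 build 20231110"),
    ("QSA-23-33", "QuTS hero", "h5.1.x", "h5.1.3.2578 build 20231110"),
    ("QSA-23-38", "QTS", "5.1.x", "5.1.2.2533 build 20230926"),
    ("QSA-23-38", "QuTS hero", "h5.1.x", "h5.1.2.2534 build 20230927"),
    ("QSA-23-46", "QTS", "5.1.x", "5.1.4.2596 build 20231128"),
    ("QSA-23-46", "QuTS hero", "h5.1.x", "h5.1.4.2596 build 20231128"),
    ("QSA-23-47", "QTS", "5.1.x", "5.1.4.2596 build 20231128"),
    ("QSA-23-47", "QuTS hero", "h5.1.x", "h5.1.4.2596 build 20231128"),
    ("QSA-23-53", "QTS", "5.1.x", "5.1.4.2596 build 20231128"),
    ("QSA-23-53", "QuTS hero", "h5.1.x", "h5.1.4.2596 build 20231128"),
    ("QSA-24-01", "QTS", "4.5.x", "4.5.4.2627 build 20231225"),
    ("QSA-24-01", "QuTScloud", "c5.x", "c5.1.5.2651"),
    ("QSA-24-02", "QTS", "5.1.x", "5.1.5.2645 build 20240116"),
    ("QSA-24-02", "QuTS hero", "h5.1.x", "h5.1.5.2647 build 20240118"),
    ("QSA-24-02", "QuTScloud", "c5.x", "c5.1.5.2651"),
    ("QSA-24-03", "Qsync Central", "4.4.x", "4.4.0.15 (2024/01/04)"),
    ("QSA-24-03", "Qsync Central", "4.3.x", "4.3.0.11 (2024/01/11)"),
    ("QSA-24-04", "QTS", "5.1.x", "5.1.5.2645 build 20240116"),
    ("QSA-24-04", "QuTS hero", "h5.1.x", "h5.1.5.2647 build 20240118"),
    ("QSA-24-04", "QuTScloud", "c5.x", "c5.1.5.2651"),
    ("QSA-24-05", "QTS", "5.1.x", "5.1.5.2645 build 20240116"),
    ("QSA-24-05", "QTS", "4.5.x", "4.5.4.2627 build 20231225"),
    ("QSA-24-05", "QuTS hero", "h5.1.x", "h5.1.5.2647 build 20240118"),
    ("QSA-24-05", "QuTS hero", "h4.5.x", "h4.5.4.2626 build 20231225"),
    ("QSA-24-05", "QuTScloud", "c5.x", "c5.1.5.2651"),
    ("QSA-24-06", "QTS", "5.1.x", "5.1.5.2645 build 20240116"),
    ("QSA-24-06", "QuTS hero", "h5.1.x", "h5.1.5.2647 build 20240118"),
    ("QSA-24-07", "QTS", "5.1.x", "5.1.5.2645 build 20240116"),
    ("QSA-24-07", "QuTS hero", "h5.1.x", "h5.1.5.2647 build 20240118"),
    ("QSA-24-08", "Photo Station", "6.4.x", "6.4.2 (2023/12/15)"),
]

_NUM_RE = re.compile(r"\b[hc]?(\d+(?:\.\d+)+)")            # h/c prefix is not part of the number
_BUILD_RE = re.compile(r"build\s+(\d{8})|\((\d{4})/(\d{2})/(\d{2})\)")


def parse_version(text):
    """Return (numeric tuple padded to four parts, build date as int or 0)."""
    m = _NUM_RE.search(text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    nums = tuple(int(p) for p in m.group(1).split("."))
    nums += (0,) * (4 - len(nums))                         # so 6.4.2 compares like 6.4.2.0
    b = _BUILD_RE.search(text)
    if b is None:
        build = 0
    elif b.group(1):
        build = int(b.group(1))
    else:
        build = int(b.group(2) + b.group(3) + b.group(4))  # (2024/01/04) -> 20240104
    return nums, build


def is_fixed(installed, fixed):
    """True when the installed version is at or above the advisory's fixed version."""
    inums, ibuild = parse_version(installed)
    fnums, fbuild = parse_version(fixed)
    if inums != fnums:
        return inums > fnums
    # Same version number: let the build date decide, if both strings carry one.
    return ibuild >= fbuild if ibuild and fbuild else True


def _branch_prefix(branch):
    """'h5.1.x' -> (5, 1); 'c5.x' -> (5,)"""
    return tuple(int(p) for p in branch.lstrip("hc").split(".") if p != "x")


def check(product, installed):
    """Return (covered, unpatched).

    covered   - some advisory above lists the installed product branch at all
    unpatched - advisory IDs whose fixed version the installed version is below
    covered=False with an empty list means 'not listed on this page', not 'safe'.
    """
    nums, _ = parse_version(installed)
    covered, unpatched = False, []
    for qsa, prod, branch, fixed in ADVISORIES:
        prefix = _branch_prefix(branch)
        if prod != product or nums[:len(prefix)] != prefix:
            continue
        covered = True
        if not is_fixed(installed, fixed):
            unpatched.append(qsa)
    return covered, unpatched


if __name__ == "__main__":
    # Constructed sample inputs, not readings from a real device.
    for prod, ver in [("QTS", "5.1.4.2596 build 20231128"),
                      ("QuTScloud", "c5.1.4.2600"),
                      ("Qsync Central", "4.4.0.14 (2023/12/20)"),
                      ("QTS", "5.0.1.2277 build 20230112")]:
        print(f"{prod} {ver}: {check(prod, ver)}")
```

Note that a QTS 5.1.4.2596 build from November 2023 already satisfies the six QSA-23 advisories but still lacks QSA-24-02 through QSA-24-07, which is why the fixed build for those (5.1.5.2645) is the one to target. The `covered` flag matters for branches the page does not mention, such as QTS 5.0.x: the script reports nothing for them, which must not be read as a clean result.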

 
