CVE-2023-47565 - QNAP VioStor NVR OS Command Injection Vulnerability

: QNAP | VioStor NVR

Date Added:
2023-12-21

Due Date:
2024-01-11

Vulnerability Name: QNAP VioStor NVR OS Command Injection Vulnerability

Description: QNAP VioStar NVR contains an OS command injection vulnerability that allows authenticated users to execute commands via a network.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes: https://www.qnap.com/en/security-advisory/qsa-23-48 ; https://nvd.nist.gov/vuln/detail/CVE-2023-47565

Free online web security scanner

Don't show website scan report rating on the leaderboard