CVE-2023-34980

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Published Mar 8, 2024

CWE ID 78

Summary

CVE-2023-34980 is a newly discovered operating system command injection vulnerability that affects several QNAP versions, including QTS 4.5.4.2627 and QuTS hero h4.5.4.2626. This issue enables authenticated administrators to execute network commands, potentially leading to serious security consequences. The vulnerability has already been addressed in the mentioned QNAP versions released in December 2023. It's crucial for users to update their systems as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rzlEoB
https://www.cve.org/CVERecord?id=CVE-2023-34980
https://nvd.nist.gov/vuln/detail/CVE-2023-34980

Back to Vulnerability Database

CVE-2023-34980

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations