CVE-2023-47565 - QNAP VioStor NVR OS Command Injection Vulnerability
Project:QNAP
Product:VioStor NVR
Date Added:2023-12-21Due Date:2024-01-11
Vulnerability Name
QNAP VioStor NVR OS Command Injection Vulnerability
Description
QNAP VioStar NVR contains an OS command injection vulnerability that allows authenticated users to execute commands via a network.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://www.qnap.com/en/security-advisory/qsa-23-48
https://nvd.nist.gov/vuln/detail/CVE-2023-47565