CVE-2023-47218

MEDIUM EXPLOITED IN THE WILD NUCLEI

Qnap Qts < 5.1.5.2645 - Command Injection

Title source: rule

Description

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTScloud c5.1.5.2651 and later

Exploits (2)

nomisec WORKING POC

by passwa11 · remote

https://github.com/passwa11/CVE-2023-47218

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

by sfewer-r7, Spencer McIntyre, jheysel-r7 · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/qnap_qts_rce_cve_2023_47218.rb

View Code ZIP pw:eip

Nuclei Templates (1)

QNAP QTS and QuTS Hero - OS Command Injection

MEDIUMVERIFIEDby ritikchaddha

Shodan: ssl.cert.issuer.cn:"QNAP NAS",title:"QNAP Turbo NAS"

References (2)

[Vendor Advisory] https://www.qnap.com/en/security-advisory/qsa-23-57

[Exploit, Third Party Advisory] https://www.rapid7.com/blog/post/2024/02/13/cve-2023-47218-qnap-qts-and-quts-hero-unauthenticated-command-injection-fixed/

Scores

CVSS v3 5.8

EPSS 0.9315

EPSS Percentile 99.8%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

Details

VulnCheck KEV 2024-02-16

InTheWild.io 2024-09-18

CWE

CWE-78 CWE-77

Status published

Products (5)

qnap/qts 5.1.5.2645

qnap/qts 5.1.0 - 5.1.5.2645

qnap/qutscloud c5.0.0.1919 - c5.1.5.2651

qnap/quts_hero h5.1.5.2647

qnap/quts_hero h5.1.0 - h5.1.5.2647

Published Feb 13, 2024

Tracked Since Feb 18, 2026