CVE-2023-47218
HIGHCVSS v3
8.3
HIGH
EPSS Score
93.3%
exploit probability
CISA KEV
No
known exploited
Exploitation
—
SSVC status
Description
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTScloud c5.1.5.2651 and later
Technical Details
- Published
- 2/13/2024
Frequently Asked Questions
What is CVE-2023-47218?
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTScloud c5.1.5.2651 and later
Is CVE-2023-47218 actively exploited?
Active exploitation of CVE-2023-47218 has not been confirmed. The EPSS score is 93.3%, indicating the estimated probability of exploitation in the next 30 days.
What is the CVSS score for CVE-2023-47218?
CVE-2023-47218 has a CVSS v3 base score of 8.3 (HIGH severity).
Is CVE-2023-47218 affecting your environment?
Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.