A vulnerability has been reported to affect QNAP device running QuTS hero, QTS. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QuTS hero, QTS: QuTS hero h5.0.1.2248 build 20221215 and later QTS 5.0.1.2234 build 20221201 and later
References
Link | Resource |
---|---|
https://www.qnap.com/en/security-advisory/qsa-23-01 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
01 Feb 2023, 14:40
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-01-30 02:15
Updated : 2024-02-04 23:14
NVD link : CVE-2022-27596
Mitre link : CVE-2022-27596
CVE.ORG link : CVE-2022-27596
JSON object : View
Products Affected
qnap
- quts_hero
- qts
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')