Legacy QNAP VioStor NVR Models: OS Command Injection Vulnerability

Legacy QNAP VioStor NVR Models: OS Command Injection Vulnerability

CVE-2023-47565 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QVR Firmware 5.0.0 and later

Learn more about our Cis Benchmark Audit For Apple Ios.