Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2023-34974

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. QuTScloud, QVR, QES are not affected.

We have already fixed the vulnerability in the following versions: QTS 4.5.4.2790 build 20240605 and later QuTS hero h4.5.4.2626 build 20231225 and later

  • Published: Sep 6, 2024
  • Updated: May 4, 2025
  • CVE: CVE-2023-34974
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 8.8
  • AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

OWASP TOP 10:

Software From Fixed in
qnap / qts 4.5.4.2280-build_20230112 4.5.4.2280-build_20230112.x
qnap / qts 4.5.4.2117-build_20220802 4.5.4.2117-build_20220802.x
qnap / qts 4.5.4.2012-build_20220419 4.5.4.2012-build_20220419.x
qnap / qts 4.5.4.1931-build_20220128 4.5.4.1931-build_20220128.x
qnap / qts 4.5.4.1800-build_20210923 4.5.4.1800-build_20210923.x
qnap / qts 4.5.4.1787-build_20210910 4.5.4.1787-build_20210910.x
qnap / qts 4.5.4.2627-build_20231225 4.5.4.2627-build_20231225.x
qnap / qts 4.5.4.2467-build_20230718 4.5.4.2467-build_20230718.x
qnap / qts 4.5.4.2374-build_20230416 4.5.4.2374-build_20230416.x
qnap / qts 4.5.4.1892-build_20211223 4.5.4.1892-build_20211223.x
qnap / qts 4.5.4.1741-build_20210726 4.5.4.1741-build_20210726.x
qnap / qts 4.5.4.1723-build_20210708 4.5.4.1723-build_20210708.x
qnap / qts 4.5.4.1715-build_20210630 4.5.4.1715-build_20210630.x
qnap / quts_hero h4.5.4.2272-build_20230105 h4.5.4.2272-build_20230105.x
qnap / quts_hero h4.5.4.2217-build_20221111 h4.5.4.2217-build_20221111.x
qnap / quts_hero h4.5.4.2138-build_20220824 h4.5.4.2138-build_20220824.x
qnap / quts_hero h4.5.4.2052-build_20220530 h4.5.4.2052-build_20220530.x
qnap / quts_hero h4.5.4.1991-build_20220330 h4.5.4.1991-build_20220330.x
qnap / quts_hero h4.5.4.1971-build_20220310 h4.5.4.1971-build_20220310.x
qnap / quts_hero h4.5.4.2374-build_20230417 h4.5.4.2374-build_20230417.x
qnap / quts_hero h4.5.4.2476-build_20230728 h4.5.4.2476-build_20230728.x
qnap / quts_hero h4.5.4.2626-build_20231225 h4.5.4.2626-build_20231225.x
qnap / quts_hero h4.5.4.1951-build_20220218 h4.5.4.1951-build_20220218.x
qnap / quts_hero h4.5.4.1892-build_20211223 h4.5.4.1892-build_20211223.x
qnap / quts_hero h4.5.4.1848-build_20211109 h4.5.4.1848-build_20211109.x
qnap / quts_hero h4.5.4.1813-build_20211006 h4.5.4.1813-build_20211006.x
qnap / quts_hero h4.5.4.1800-build_20210923 h4.5.4.1800-build_20210923.x
qnap / quts_hero h4.5.4.1771-build_20210825 h4.5.4.1771-build_20210825.x