CVE-2023-34979
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network.
We have already fixed the vulnerability in the following versions: QTS 4.5.4.2790 build 20240605 and later QuTS hero h4.5.4.2790 build 20240606 and later
| Software | From | Fixed in |
|---|---|---|
| qnap / qts | 4.5.4.2280-build_20230112 | 4.5.4.2280-build_20230112.x |
| qnap / qts | 4.5.4.2117-build_20220802 | 4.5.4.2117-build_20220802.x |
| qnap / qts | 4.5.4.2012-build_20220419 | 4.5.4.2012-build_20220419.x |
| qnap / qts | 4.5.4.1931-build_20220128 | 4.5.4.1931-build_20220128.x |
| qnap / qts | 4.5.4.1800-build_20210923 | 4.5.4.1800-build_20210923.x |
| qnap / qts | 4.5.4.1787-build_20210910 | 4.5.4.1787-build_20210910.x |
| qnap / qts | 4.5.4.1715-build_20210630 | 4.5.4.1715-build_20210630.x |
| qnap / qts | 4.5.4.1723-build_20210708 | 4.5.4.1723-build_20210708.x |
| qnap / qts | 4.5.4.1741-build_20210726 | 4.5.4.1741-build_20210726.x |
| qnap / qts | 4.5.4.1892-build_20211223 | 4.5.4.1892-build_20211223.x |
| qnap / qts | 4.5.4.2374-build_20230416 | 4.5.4.2374-build_20230416.x |
| qnap / qts | 4.5.4.2467-build_20230718 | 4.5.4.2467-build_20230718.x |
| qnap / qts | 4.5.4.2627-build_20231225 | 4.5.4.2627-build_20231225.x |
| qnap / quts_hero | h4.5.4.2272-build_20230105 | h4.5.4.2272-build_20230105.x |
| qnap / quts_hero | h4.5.4.2217-build_20221111 | h4.5.4.2217-build_20221111.x |
| qnap / quts_hero | h4.5.4.2138-build_20220824 | h4.5.4.2138-build_20220824.x |
| qnap / quts_hero | h4.5.4.2052-build_20220530 | h4.5.4.2052-build_20220530.x |
| qnap / quts_hero | h4.5.4.1991-build_20220330 | h4.5.4.1991-build_20220330.x |
| qnap / quts_hero | h4.5.4.1971-build_20220310 | h4.5.4.1971-build_20220310.x |
| qnap / quts_hero | h4.5.4.1771-build_20210825 | h4.5.4.1771-build_20210825.x |
| qnap / quts_hero | h4.5.4.1800-build_20210923 | h4.5.4.1800-build_20210923.x |
| qnap / quts_hero | h4.5.4.1813-build_20211006 | h4.5.4.1813-build_20211006.x |
| qnap / quts_hero | h4.5.4.1848-build_20211109 | h4.5.4.1848-build_20211109.x |
| qnap / quts_hero | h4.5.4.1892-build_20211223 | h4.5.4.1892-build_20211223.x |
| qnap / quts_hero | h4.5.4.1951-build_20220218 | h4.5.4.1951-build_20220218.x |
| qnap / quts_hero | h4.5.4.2374-build_20230417 | h4.5.4.2374-build_20230417.x |
| qnap / quts_hero | h4.5.4.2476-build_20230728 | h4.5.4.2476-build_20230728.x |
| qnap / quts_hero | h4.5.4.2626-build_20231225 | h4.5.4.2626-build_20231225.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime