Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2023-39298

A missing authorization vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow local authenticated users to access data or perform actions that they should not be allowed to perform via unspecified vectors. QuTScloud, is not affected.

We have already fixed the vulnerability in the following versions: QTS 5.2.0.2737 build 20240417 and later QuTS hero h5.2.0.2782 build 20240601 and later

  • Published: Sep 6, 2024
  • Updated: May 4, 2025
  • CVE: CVE-2023-39298
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.8
  • AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

No CWE or OWASP classifications available.

Software From Fixed in
qnap / qts 5.1.0.2348-build_20230325 5.1.0.2348-build_20230325.x
qnap / qts 5.1.0.2418-build_20230603 5.1.0.2418-build_20230603.x
qnap / qts 5.1.0.2399-build_20230515 5.1.0.2399-build_20230515.x
qnap / qts 5.1.0.2466-build_20230721 5.1.0.2466-build_20230721.x
qnap / qts 5.1.1.2491-build_20230815 5.1.1.2491-build_20230815.x
qnap / qts 5.1.0.2444-build_20230629 5.1.0.2444-build_20230629.x
qnap / qts 5.1.3.2578-build_20231110 5.1.3.2578-build_20231110.x
qnap / qts 5.1.2.2533-build_20230926 5.1.2.2533-build_20230926.x
qnap / qts 5.1.4.2596-build_20231128 5.1.4.2596-build_20231128.x
qnap / qts 5.1.5.2645-build_20240116 5.1.5.2645-build_20240116.x
qnap / qts 5.1.5.2679-build_20240219 5.1.5.2679-build_20240219.x
qnap / qts 5.1.6.2722-build_20240402 5.1.6.2722-build_20240402.x
qnap / qts 5.1.7.2770-build_20240520 5.1.7.2770-build_20240520.x
qnap / qts 5.1.8.2823-build_20240712 5.1.8.2823-build_20240712.x
qnap / qts 5.2.0.2737-build_20240417 5.2.0.2737-build_20240417.x
qnap / qts 5.2.0.2744-build_20240424 5.2.0.2744-build_20240424.x
qnap / quts_hero h5.1.0.2409-build_20230525 h5.1.0.2409-build_20230525.x
qnap / quts_hero h5.1.1.2488-build_20230812 h5.1.1.2488-build_20230812.x
qnap / quts_hero h5.1.0.2466-build_20230721 h5.1.0.2466-build_20230721.x
qnap / quts_hero h5.1.0.2453-build_20230708 h5.1.0.2453-build_20230708.x
qnap / quts_hero h5.1.0.2424-build_20230609 h5.1.0.2424-build_20230609.x
qnap / quts_hero h5.1.3.2578-build_20231110 h5.1.3.2578-build_20231110.x
qnap / quts_hero h5.1.2.2534-build_20230927 h5.1.2.2534-build_20230927.x
qnap / quts_hero h5.1.5.2647-build_20240118 h5.1.5.2647-build_20240118.x
qnap / quts_hero h5.1.4.2596-build_20231128 h5.1.4.2596-build_20231128.x
qnap / quts_hero h5.1.5.2680-build_20240220 h5.1.5.2680-build_20240220.x
qnap / quts_hero h5.1.6.2734-build_20240414 h5.1.6.2734-build_20240414.x
qnap / quts_hero h5.1.7.2770-build_20240520 h5.1.7.2770-build_20240520.x
qnap / quts_hero h5.1.7.2788-build_20240607 h5.1.7.2788-build_20240607.x
qnap / quts_hero h5.1.7.2794-build_20240613 h5.1.7.2794-build_20240613.x
qnap / quts_hero h5.1.8.2823-build_20240712 h5.1.8.2823-build_20240712.x
qnap / quts_hero h5.2.0.2737-build_20240417 h5.2.0.2737-build_20240417.x