CVE-2023-47560

CWE-77Command InjectionCWE-78OS Command Injection3 documents3 sources
Severity
8.8HIGH
EPSS
0.5%
top 34.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Qnap Systems Inc. QumagieQnap Qumagie
Timeline
PublishedJan 5

Description

An OS command injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: QuMagie 2.2.1 and later

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:LExploitability: 3.1 | Impact: 3.7

Affected Packages2 packages

CVEListV5qnap_systems_inc./qumagie2.2.x2.2.1
NVDqnap/qumagie2.2.0

🔴Vulnerability Details

2
CVEList
QuMagie2024-01-05
GHSA
GHSA-3w95-fv8q-2wr8: An OS command injection vulnerability has been reported to affect QuMagie2024-01-05
CVE-2023-47560 (HIGH CVSS 8.8) | An OS command injection vulnerabili | cvebase.io