Qnap Systems Inc Qufirewall vulnerabilities
3 known vulnerabilities affecting qnap_systems_inc/qufirewall.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2023-23356HIGHCVSS 7.2≥ 2.3.x, < 2.3.3 ( 2023/03/27 )2024-12-19
CVE-2023-23356 [HIGH] CWE-77 CVE-2023-23356: A command injection vulnerability has been reported to affect several QNAP operating system versions
A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute arbitrary commands.
We have already fixed the vulnerability in the following versions:
QuFirewall 2.3.3 ( 2023/03/27 ) and later
and later
cvelistv5nvd
CVE-2023-41290MEDIUMCVSS 4.9≥ 2.4.x, < 2.4.1 ( 2024/02/01 )2024-04-26
CVE-2023-41290 [MEDIUM] CWE-22 CVE-2023-41290: A path traversal vulnerability has been reported to affect QuFirewall. If exploited, the vulnerabili
A path traversal vulnerability has been reported to affect QuFirewall. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network.
We have already fixed the vulnerability in the following version:
QuFirewall 2.4.1 ( 2024/02/01 ) and later
cvelistv5nvd
CVE-2023-41291MEDIUMCVSS 4.9≥ 2.4.x, < 2.4.1 ( 2024/02/01 )2024-04-26
CVE-2023-41291 [MEDIUM] CWE-22 CVE-2023-41291: A path traversal vulnerability has been reported to affect QuFirewall. If exploited, the vulnerabili
A path traversal vulnerability has been reported to affect QuFirewall. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network.
We have already fixed the vulnerability in the following version:
QuFirewall 2.4.1 ( 2024/02/01 ) and later
cvelistv5nvd