CVE-2023-47565 — QNAP VioStor NVR OS Command Injection Vulnerability
2023-12-21 • CISA Known Exploited Vulnerability
[event] QNAP VioStar NVR contains an OS command injection vulnerability that allows authenticated users to execute commands via a network.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | QNAP |
| Product | VioStor NVR |
| CWE | CWE-78 |
| CVE ID | CVE-2023-47565 |
| Date Added | 2023-12-21 |
| Due Date | 2024-01-11 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Due Date: 2024-01-11