cve/2023/CVE-2023-47218.md

### [CVE-2023-47218](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47218)
![](https://img.shields.io/static/v1?label=Product&message=QTS&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=QuTS%20hero&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=QuTScloud&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=c5.x%3C%20c5.1.5.2651%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-77&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-78&color=brighgreen)

### Description

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network.We have already fixed the vulnerability in the following versions:QTS 5.1.5.2645 build 20240116 and laterQuTS hero h5.1.5.2647 build 20240118 and laterQuTScloud c5.1.5.2651 and later

### POC

#### Reference
- https://www.rapid7.com/blog/post/2024/02/13/cve-2023-47218-qnap-qts-and-quts-hero-unauthenticated-command-injection-fixed/

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/passwa11/CVE-2023-47218