CVE-2023-47218

QTS, QuTS hero, QuTScloud

Basic Information

CVE State
PUBLISHED
Reserved Date
November 03, 2023
Published Date
February 13, 2024
Last Updated
May 07, 2025
Vendor
QNAP Systems Inc.
Product
QTS, QuTS hero, QuTScloud
Description
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later; QuTS hero h5.1.5.2647 build 20240118 and later; QuTScloud c5.1.5.2651 and later.
Tags
nuclei_scanner metasploit_scanner

CVSS Scores

CVSS v3.1

5.8 - MEDIUM

Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

EPSS Score

Score
92.65% (Percentile: 99.74%) as of 2025-06-06

SSVC Information

Exploitation
poc
Technical Impact
partial

Exploit Status

Exploited in the Wild
Yes (2025-05-09 00:00:00 UTC)

Known Exploited Vulnerability Information

Source
The Shadowserver (via CIRCL)
Added Date
2025-05-09 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

qnap_qts_rce_cve_2023_47218

Type: metasploit • Created: Unknown

Metasploit module for CVE-2023-47218

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Detected by Nuclei

  • Detected by Metasploit

  • Added to KEVIntel