vulnerability

QNAP QTS: CVE-2023-23363: Vulnerability in Legacy QTS

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:M/Au:N/C:C/I:C/A:C)	Sep 22, 2023	Aug 4, 2025	Oct 16, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

Sep 22, 2023

Added

Aug 4, 2025

Modified

Oct 16, 2025

Description

A buffer copy without checking size of input vulnerability has been reported to affect certain legacy versions of QTS. If exploited, the vulnerability could allow clients to execute code via unspecified vectors.

Solution

qnap-qts-upgrade-latest

References

CWE-120
CVE-2023-23363
https://attackerkb.com/topics/CVE-2023-23363
URL-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23363
URL-https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2023-23363
URL-https://www.qnap.com/en-uk/security-advisory/QSA-23-25

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today