CVE-2023-47563 — Vulnetix

Try Vulnetix Request Demo

CVE-2023-47563 PUBLISHED CVSS 7.400000095367432 HIGH

An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: Video Station 5.8.2 and later

EPSS 0.67% · 71.1th percentile

Risk Scores

CVSS v3.1

7.400000095367432

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L

EPSS Score

0.67%

71.1th percentile

Affected Products

Vendor	Product	Versions
qnap	video_station	5.0.0
QNAP Systems Inc.	Video Station	5.8.x

Timeline

Sep 6, 2024 CVE Published
Sep 6, 2024 CVE Updated
Sep 7, 2024 EPSS Score
Sep 26, 2024 EPSS Score
Oct 16, 2024 EPSS Score
Nov 24, 2024 EPSS Score
Dec 14, 2024 EPSS Score
Jan 2, 2025 EPSS Score
Jan 22, 2025 EPSS Score
Feb 10, 2025 EPSS Score
Mar 2, 2025 EPSS Score
Mar 29, 2025 EPSS Score

References

https://www.qnap.com/en/security-advisory/qsa-24-24 url
https://www.qnap.com/go/security-advisory/qsa-24-24 advisory
https://www.qnap.com/go/security-advisory/qsa-24-26 advisory
https://www.qnap.com/go/security-advisory/qsa-24-34 advisory
https://www.qnap.com/go/security-advisory/qsa-24-30 advisory
https://www.qnap.com/go/security-advisory/qsa-24-21 advisory
https://www.qnap.com/go/security-advisory/qsa-24-27 advisory
https://www.qnap.com/go/security-advisory/qsa-24-29 advisory
https://www.qnap.com/go/security-advisory/qsa-24-28 advisory
https://www.qnap.com/go/security-advisory/qsa-24-32 advisory
https://www.qnap.com/go/security-advisory/qsa-24-25 advisory
https://www.qnap.com/go/security-advisory/qsa-24-33 advisory
https://www.qnap.com/go/security-advisory/qsa-24-22 advisory
https://www.qnap.com/go/security-advisory/qsa-24-35 advisory
https://nvd.nist.gov/vuln/detail/CVE-2023-47563 advisory

Open in Interactive Console →