https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 22 Jun 2026 03:01:23 +0000 https://vulnerability.circl.lu/sighting/e7e62149-97d7-48cf-b827-4aeeacbad2a3/export {"uuid": "e7e62149-97d7-48cf-b827-4aeeacbad2a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23364", "type": "seen", "source": "https://t.me/cibsecurity/70936", "content": "\u203c CVE-2023-23364 \u203c\n\nA buffer copy without checking size of input vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote users to execute code via unspecified vectors.We have already fixed the vulnerability in the following versions:Multimedia Console 2.1.1 ( 2023/03/29 ) and laterMultimedia Console 1.4.7 ( 2023/03/20 ) and later\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-22T09:02:21.000000Z"} {"uuid": "e7e62149-97d7-48cf-b827-4aeeacbad2a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23364", "type": "seen", "source": "https://t.me/cibsecurity/70936", "content": "\u203c CVE-2023-23364 \u203c\n\nA buffer copy without checking size of input vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote users to execute code via unspecified vectors.We have already fixed the vulnerability in the following versions:Multimedia Console 2.1.1 ( 2023/03/29 ) and laterMultimedia Console 1.4.7 ( 2023/03/20 ) and later\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-22T09:02:21.000000Z"} https://vulnerability.circl.lu/sighting/e7e62149-97d7-48cf-b827-4aeeacbad2a3/export Fri, 22 Sep 2023 09:02:21 +0000 https://vulnerability.circl.lu/sighting/a41a6b2d-fe34-47d5-bf4b-0bfeb8b10bf2/export {"uuid": "a41a6b2d-fe34-47d5-bf4b-0bfeb8b10bf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23363", "type": "seen", "source": "https://t.me/cibsecurity/70938", "content": "\u203c CVE-2023-23363 \u203c\n\nA buffer copy without checking size of input vulnerability has been reported to affect QNAP operating system. If exploited, the vulnerability possibly allows remote users to execute code via unspecified vectors.We have already fixed the vulnerability in the following versions:QTS 4.3.6.2441 build 20230621 and laterQTS 4.3.3.2420 build 20230621 and laterQTS 4.2.6 build 20230621 and laterQTS 4.3.4.2451 build 20230621 and later\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-22T09:02:24.000000Z"} {"uuid": "a41a6b2d-fe34-47d5-bf4b-0bfeb8b10bf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23363", "type": "seen", "source": "https://t.me/cibsecurity/70938", "content": "\u203c CVE-2023-23363 \u203c\n\nA buffer copy without checking size of input vulnerability has been reported to affect QNAP operating system. If exploited, the vulnerability possibly allows remote users to execute code via unspecified vectors.We have already fixed the vulnerability in the following versions:QTS 4.3.6.2441 build 20230621 and laterQTS 4.3.3.2420 build 20230621 and laterQTS 4.2.6 build 20230621 and laterQTS 4.3.4.2451 build 20230621 and later\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-22T09:02:24.000000Z"} https://vulnerability.circl.lu/sighting/a41a6b2d-fe34-47d5-bf4b-0bfeb8b10bf2/export Fri, 22 Sep 2023 09:02:24 +0000 https://vulnerability.circl.lu/sighting/f7d7b336-636a-4c42-8b40-088fdbb4728a/export {"uuid": "f7d7b336-636a-4c42-8b40-088fdbb4728a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23365", "type": "seen", "source": "https://t.me/cibsecurity/71740", "content": "\u203c CVE-2023-23365 \u203c\n\nA path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network.We have already fixed the vulnerability in the following version:Music Station 5.3.22 and later\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-06T20:13:40.000000Z"} {"uuid": "f7d7b336-636a-4c42-8b40-088fdbb4728a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23365", "type": "seen", "source": "https://t.me/cibsecurity/71740", "content": "\u203c CVE-2023-23365 \u203c\n\nA path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network.We have already fixed the vulnerability in the following version:Music Station 5.3.22 and later\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-06T20:13:40.000000Z"} https://vulnerability.circl.lu/sighting/f7d7b336-636a-4c42-8b40-088fdbb4728a/export Fri, 06 Oct 2023 20:13:40 +0000 https://vulnerability.circl.lu/sighting/7f4b7ccb-e715-4623-aefe-d23c7ce1f5cf/export {"uuid": "7f4b7ccb-e715-4623-aefe-d23c7ce1f5cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23366", "type": "seen", "source": "https://t.me/cibsecurity/71744", "content": "\u203c CVE-2023-23366 \u203c\n\nA path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network.We have already fixed the vulnerability in the following version:Music Station 5.3.22 and later\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-06T20:13:44.000000Z"} {"uuid": "7f4b7ccb-e715-4623-aefe-d23c7ce1f5cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23366", "type": "seen", "source": "https://t.me/cibsecurity/71744", "content": "\u203c CVE-2023-23366 \u203c\n\nA path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network.We have already fixed the vulnerability in the following version:Music Station 5.3.22 and later\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-06T20:13:44.000000Z"} https://vulnerability.circl.lu/sighting/7f4b7ccb-e715-4623-aefe-d23c7ce1f5cf/export Fri, 06 Oct 2023 20:13:44 +0000 https://vulnerability.circl.lu/sighting/b2a939e1-3c15-4103-ba7b-c31e87575007/export {"uuid": "b2a939e1-3c15-4103-ba7b-c31e87575007", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23368", "type": "seen", "source": "https://t.me/KomunitiSiber/1031", "content": "QNAP Releases Patch for 2 Critical Flaws Threatening Your NAS Devices\nhttps://thehackernews.com/2023/11/qnap-releases-patch-for-2-critical.html\n\nQNAP has released security updates to address two critical security flaws impacting its operating system that could result in arbitrary code execution.\nTracked as\u00a0CVE-2023-23368\u00a0(CVSS score: 9.8), the vulnerability is described as a command injection bug affecting QTS, QuTS hero, and QuTScloud.\n\"If exploited, the vulnerability could allow remote attackers to execute commands via a network,\" the", "creation_timestamp": "2023-11-06T19:39:37.000000Z"} {"uuid": "b2a939e1-3c15-4103-ba7b-c31e87575007", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23368", "type": "seen", "source": "https://t.me/KomunitiSiber/1031", "content": "QNAP Releases Patch for 2 Critical Flaws Threatening Your NAS Devices\nhttps://thehackernews.com/2023/11/qnap-releases-patch-for-2-critical.html\n\nQNAP has released security updates to address two critical security flaws impacting its operating system that could result in arbitrary code execution.\nTracked as\u00a0CVE-2023-23368\u00a0(CVSS score: 9.8), the vulnerability is described as a command injection bug affecting QTS, QuTS hero, and QuTScloud.\n\"If exploited, the vulnerability could allow remote attackers to execute commands via a network,\" the", "creation_timestamp": "2023-11-06T19:39:37.000000Z"} https://vulnerability.circl.lu/sighting/b2a939e1-3c15-4103-ba7b-c31e87575007/export Mon, 06 Nov 2023 19:39:37 +0000 https://vulnerability.circl.lu/sighting/607aaebc-68f8-4e48-b5e8-bbbde0043b8c/export {"uuid": "607aaebc-68f8-4e48-b5e8-bbbde0043b8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23368", "type": "seen", "source": "Telegram/ahykelfM5jaWgf8bjxulRuvue4b5ZrncnSwoWWrqFnDquw", "content": "", "creation_timestamp": "2023-11-06T21:53:17.000000Z"} {"uuid": "607aaebc-68f8-4e48-b5e8-bbbde0043b8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23368", "type": "seen", "source": "Telegram/ahykelfM5jaWgf8bjxulRuvue4b5ZrncnSwoWWrqFnDquw", "content": "", "creation_timestamp": "2023-11-06T21:53:17.000000Z"} https://vulnerability.circl.lu/sighting/607aaebc-68f8-4e48-b5e8-bbbde0043b8c/export Mon, 06 Nov 2023 21:53:17 +0000 https://vulnerability.circl.lu/sighting/d707a7c1-041f-4df9-be41-9516669c37ac/export {"uuid": "d707a7c1-041f-4df9-be41-9516669c37ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23368", "type": "exploited", "source": "https://t.me/true_secator/5059", "content": "QNAP Systems \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0434\u0432\u0443\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u043b\u0438\u044f\u044e\u0442 \u043d\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0440\u0441\u0438\u0439 QTS \u0441\u0435\u0442\u0435\u0432\u044b\u0445 NAS \u0438 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-23368\u00a0\u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 9,8 \u0438\u0437 10, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0447\u0435\u0440\u0435\u0437 \u0441\u0435\u0442\u044c.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 QTS 5.0.x \u0438 4.5.x, QuTS Hero h5.0.x \u0438 h4.5.x \u0438 QuTScloud c5.0.1.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0445:\u00a0QTS 5.0.1.2376, \u0441\u0431\u043e\u0440\u043a\u0430 20230421, 4.5.4.2374, \u0441\u0431\u043e\u0440\u043a\u0430 20230416, QuTS Hero h5.0.1.2376 \u0441\u0431\u043e\u0440\u043a\u0430 20230421, h4.5.4.2374, \u0441\u0431\u043e\u0440\u043a\u0430 20230417 \u0438 QuTScloud c5.0.1.2374 (\u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438).\n\n\u0412\u0442\u043e\u0440\u0430\u044f CVE-2023-23369\u00a0\u0438 \u0438\u043c\u0435\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 \u043d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u2014 9,0. \u041e\u043d\u0430 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0441 \u0442\u0435\u043c \u0436\u0435 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u043e\u043c, \u0447\u0442\u043e \u0438 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0430\u044f.\n\n\u0421\u0440\u0435\u0434\u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 QTS - 5.1.x, 4.3.6, 4.3.4, 4.3.3 \u0438 4.2.x, \u0443\u044f\u0437\u0432\u0438\u043c\u0430 \u0442\u0430\u043a\u0436\u0435 Multimedia Console 2.1.x \u0438 1.4.x, Media Streaming add-on 500.1.x \u0438 500.0.x.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432: QTS 5.1.0.2399, \u0441\u0431\u043e\u0440\u043a\u0430 20230515, 4.3.6.2441, \u0441\u0431\u043e\u0440\u043a\u0430 20230621, 4.3.4.2451, \u0441\u0431\u043e\u0440\u043a\u0430 20230621, 4.3.3.2420, \u0441\u0431\u043e\u0440\u043a\u0430 20230621, 4.2.6, \u0441\u0431\u043e\u0440\u043a\u0430 20230621, Multimedia Console 2.1.2 (04.05.2023) \u0438 1.4.8 (05.05.2023), Media Streaming add-on 500.1.1.2 (12.06.2023) \u0438 500.0.0.11 (16.06.2023) (\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438).\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 QNAP\u00a0\u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u043b\u0438\u0441\u044c\u00a0\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u043c \u0430\u0442\u0430\u043a\u0430\u043c \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c ransomware, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f, \u0447\u0442\u043e\u0431\u044b \u0441\u043d\u0438\u0437\u0438\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u0438\u0441\u043a\u0438.\n\nDeadbolt \u043d\u0435 \u0434\u0430\u0441\u0442 \u0441\u043e\u0432\u0440\u0430\u0442\u044c.", "creation_timestamp": "2023-11-08T10:06:26.000000Z"} {"uuid": "d707a7c1-041f-4df9-be41-9516669c37ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23368", "type": "exploited", "source": "https://t.me/true_secator/5059", "content": "QNAP Systems \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0434\u0432\u0443\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u043b\u0438\u044f\u044e\u0442 \u043d\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0440\u0441\u0438\u0439 QTS \u0441\u0435\u0442\u0435\u0432\u044b\u0445 NAS \u0438 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-23368\u00a0\u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 9,8 \u0438\u0437 10, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0447\u0435\u0440\u0435\u0437 \u0441\u0435\u0442\u044c.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 QTS 5.0.x \u0438 4.5.x, QuTS Hero h5.0.x \u0438 h4.5.x \u0438 QuTScloud c5.0.1.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0445:\u00a0QTS 5.0.1.2376, \u0441\u0431\u043e\u0440\u043a\u0430 20230421, 4.5.4.2374, \u0441\u0431\u043e\u0440\u043a\u0430 20230416, QuTS Hero h5.0.1.2376 \u0441\u0431\u043e\u0440\u043a\u0430 20230421, h4.5.4.2374, \u0441\u0431\u043e\u0440\u043a\u0430 20230417 \u0438 QuTScloud c5.0.1.2374 (\u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438).\n\n\u0412\u0442\u043e\u0440\u0430\u044f CVE-2023-23369\u00a0\u0438 \u0438\u043c\u0435\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 \u043d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u2014 9,0. \u041e\u043d\u0430 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0441 \u0442\u0435\u043c \u0436\u0435 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u043e\u043c, \u0447\u0442\u043e \u0438 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0430\u044f.\n\n\u0421\u0440\u0435\u0434\u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 QTS - 5.1.x, 4.3.6, 4.3.4, 4.3.3 \u0438 4.2.x, \u0443\u044f\u0437\u0432\u0438\u043c\u0430 \u0442\u0430\u043a\u0436\u0435 Multimedia Console 2.1.x \u0438 1.4.x, Media Streaming add-on 500.1.x \u0438 500.0.x.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432: QTS 5.1.0.2399, \u0441\u0431\u043e\u0440\u043a\u0430 20230515, 4.3.6.2441, \u0441\u0431\u043e\u0440\u043a\u0430 20230621, 4.3.4.2451, \u0441\u0431\u043e\u0440\u043a\u0430 20230621, 4.3.3.2420, \u0441\u0431\u043e\u0440\u043a\u0430 20230621, 4.2.6, \u0441\u0431\u043e\u0440\u043a\u0430 20230621, Multimedia Console 2.1.2 (04.05.2023) \u0438 1.4.8 (05.05.2023), Media Streaming add-on 500.1.1.2 (12.06.2023) \u0438 500.0.0.11 (16.06.2023) (\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438).\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 QNAP\u00a0\u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u043b\u0438\u0441\u044c\u00a0\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u043c \u0430\u0442\u0430\u043a\u0430\u043c \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c ransomware, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f, \u0447\u0442\u043e\u0431\u044b \u0441\u043d\u0438\u0437\u0438\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u0438\u0441\u043a\u0438.\n\nDeadbolt \u043d\u0435 \u0434\u0430\u0441\u0442 \u0441\u043e\u0432\u0440\u0430\u0442\u044c.", "creation_timestamp": "2023-11-08T10:06:26.000000Z"} https://vulnerability.circl.lu/sighting/d707a7c1-041f-4df9-be41-9516669c37ac/export Wed, 08 Nov 2023 10:06:26 +0000 https://vulnerability.circl.lu/sighting/81a8b471-a0fd-4015-a59e-ca613879d85d/export {"uuid": "81a8b471-a0fd-4015-a59e-ca613879d85d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23369", "type": "exploited", "source": "https://t.me/true_secator/5059", "content": "QNAP Systems \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0434\u0432\u0443\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u043b\u0438\u044f\u044e\u0442 \u043d\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0440\u0441\u0438\u0439 QTS \u0441\u0435\u0442\u0435\u0432\u044b\u0445 NAS \u0438 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-23368\u00a0\u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 9,8 \u0438\u0437 10, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0447\u0435\u0440\u0435\u0437 \u0441\u0435\u0442\u044c.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 QTS 5.0.x \u0438 4.5.x, QuTS Hero h5.0.x \u0438 h4.5.x \u0438 QuTScloud c5.0.1.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0445:\u00a0QTS 5.0.1.2376, \u0441\u0431\u043e\u0440\u043a\u0430 20230421, 4.5.4.2374, \u0441\u0431\u043e\u0440\u043a\u0430 20230416, QuTS Hero h5.0.1.2376 \u0441\u0431\u043e\u0440\u043a\u0430 20230421, h4.5.4.2374, \u0441\u0431\u043e\u0440\u043a\u0430 20230417 \u0438 QuTScloud c5.0.1.2374 (\u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438).\n\n\u0412\u0442\u043e\u0440\u0430\u044f CVE-2023-23369\u00a0\u0438 \u0438\u043c\u0435\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 \u043d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u2014 9,0. \u041e\u043d\u0430 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0441 \u0442\u0435\u043c \u0436\u0435 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u043e\u043c, \u0447\u0442\u043e \u0438 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0430\u044f.\n\n\u0421\u0440\u0435\u0434\u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 QTS - 5.1.x, 4.3.6, 4.3.4, 4.3.3 \u0438 4.2.x, \u0443\u044f\u0437\u0432\u0438\u043c\u0430 \u0442\u0430\u043a\u0436\u0435 Multimedia Console 2.1.x \u0438 1.4.x, Media Streaming add-on 500.1.x \u0438 500.0.x.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432: QTS 5.1.0.2399, \u0441\u0431\u043e\u0440\u043a\u0430 20230515, 4.3.6.2441, \u0441\u0431\u043e\u0440\u043a\u0430 20230621, 4.3.4.2451, \u0441\u0431\u043e\u0440\u043a\u0430 20230621, 4.3.3.2420, \u0441\u0431\u043e\u0440\u043a\u0430 20230621, 4.2.6, \u0441\u0431\u043e\u0440\u043a\u0430 20230621, Multimedia Console 2.1.2 (04.05.2023) \u0438 1.4.8 (05.05.2023), Media Streaming add-on 500.1.1.2 (12.06.2023) \u0438 500.0.0.11 (16.06.2023) (\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438).\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 QNAP\u00a0\u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u043b\u0438\u0441\u044c\u00a0\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u043c \u0430\u0442\u0430\u043a\u0430\u043c \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c ransomware, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f, \u0447\u0442\u043e\u0431\u044b \u0441\u043d\u0438\u0437\u0438\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u0438\u0441\u043a\u0438.\n\nDeadbolt \u043d\u0435 \u0434\u0430\u0441\u0442 \u0441\u043e\u0432\u0440\u0430\u0442\u044c.", "creation_timestamp": "2023-11-08T10:06:26.000000Z"} {"uuid": "81a8b471-a0fd-4015-a59e-ca613879d85d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23369", "type": "exploited", "source": "https://t.me/true_secator/5059", "content": "QNAP Systems \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0434\u0432\u0443\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u043b\u0438\u044f\u044e\u0442 \u043d\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0440\u0441\u0438\u0439 QTS \u0441\u0435\u0442\u0435\u0432\u044b\u0445 NAS \u0438 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2023-23368\u00a0\u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 9,8 \u0438\u0437 10, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0447\u0435\u0440\u0435\u0437 \u0441\u0435\u0442\u044c.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 QTS 5.0.x \u0438 4.5.x, QuTS Hero h5.0.x \u0438 h4.5.x \u0438 QuTScloud c5.0.1.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0445:\u00a0QTS 5.0.1.2376, \u0441\u0431\u043e\u0440\u043a\u0430 20230421, 4.5.4.2374, \u0441\u0431\u043e\u0440\u043a\u0430 20230416, QuTS Hero h5.0.1.2376 \u0441\u0431\u043e\u0440\u043a\u0430 20230421, h4.5.4.2374, \u0441\u0431\u043e\u0440\u043a\u0430 20230417 \u0438 QuTScloud c5.0.1.2374 (\u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438).\n\n\u0412\u0442\u043e\u0440\u0430\u044f CVE-2023-23369\u00a0\u0438 \u0438\u043c\u0435\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 \u043d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u2014 9,0. \u041e\u043d\u0430 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0441 \u0442\u0435\u043c \u0436\u0435 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u043e\u043c, \u0447\u0442\u043e \u0438 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0430\u044f.\n\n\u0421\u0440\u0435\u0434\u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 QTS - 5.1.x, 4.3.6, 4.3.4, 4.3.3 \u0438 4.2.x, \u0443\u044f\u0437\u0432\u0438\u043c\u0430 \u0442\u0430\u043a\u0436\u0435 Multimedia Console 2.1.x \u0438 1.4.x, Media Streaming add-on 500.1.x \u0438 500.0.x.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432: QTS 5.1.0.2399, \u0441\u0431\u043e\u0440\u043a\u0430 20230515, 4.3.6.2441, \u0441\u0431\u043e\u0440\u043a\u0430 20230621, 4.3.4.2451, \u0441\u0431\u043e\u0440\u043a\u0430 20230621, 4.3.3.2420, \u0441\u0431\u043e\u0440\u043a\u0430 20230621, 4.2.6, \u0441\u0431\u043e\u0440\u043a\u0430 20230621, Multimedia Console 2.1.2 (04.05.2023) \u0438 1.4.8 (05.05.2023), Media Streaming add-on 500.1.1.2 (12.06.2023) \u0438 500.0.0.11 (16.06.2023) (\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438).\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 QNAP\u00a0\u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u043b\u0438\u0441\u044c\u00a0\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u043c \u0430\u0442\u0430\u043a\u0430\u043c \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c ransomware, \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f, \u0447\u0442\u043e\u0431\u044b \u0441\u043d\u0438\u0437\u0438\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u0438\u0441\u043a\u0438.\n\nDeadbolt \u043d\u0435 \u0434\u0430\u0441\u0442 \u0441\u043e\u0432\u0440\u0430\u0442\u044c.", "creation_timestamp": "2023-11-08T10:06:26.000000Z"} https://vulnerability.circl.lu/sighting/81a8b471-a0fd-4015-a59e-ca613879d85d/export Wed, 08 Nov 2023 10:06:26 +0000 https://vulnerability.circl.lu/sighting/38513515-8a0e-45f7-bdc9-6f8791550cb4/export {"uuid": "38513515-8a0e-45f7-bdc9-6f8791550cb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23369", "type": "seen", "source": "https://t.me/sysodmins/19998", "content": "\u0414\u0432\u0430 \u0431\u0430\u0433\u0430 \u0432 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0438 QNAP \u0443\u0433\u0440\u043e\u0436\u0430\u044e\u0442 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u0430\u043d\u043d\u044b\u0445\n\nQNAP \u2013 \u043e\u0434\u0438\u043d \u0438\u0437 \u043b\u0438\u0434\u0435\u0440\u043e\u0432 \u043f\u043e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0443 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449. \u041e\u0431\u044b\u0447\u043d\u043e \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0434\u043b\u044f \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0431\u043e\u043b\u044c\u0448\u0438\u0445 \u043e\u0431\u044a\u0435\u043c\u043e\u0432 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u043c\u0435\u0442\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b QTS, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0430\u0442\u0430\u043a\u0438.\n\n\u25aa\ufe0f CVE-2023-23368 (9.8 \u0431\u0430\u043b\u043b\u043e\u0432 \u0438\u0437 10) \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 QTS: 5.0.x \u0438 4.5.x, QuTS hero h5.0.x \u0438 h4.5.x, \u0430 \u0442\u0430\u043a\u0436\u0435 QuTScloud c5.0.1.\n\n\u25aa\ufe0f CVE-2023-23369 (9.0 \u0438\u0437 10) \u043a\u0430\u0441\u0430\u0435\u0442\u0441\u044f QTS \u0432\u0435\u0440\u0441\u0438\u0439 5.1.x, 4.3.6, 4.3.4, 4.3.3 \u0438 4.2.x, \u0430 \u0442\u0430\u043a\u0436\u0435 Multimedia Console 2.1.x \u0438 1.4.x, \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f Media Streaming \u0432\u0435\u0440\u0441\u0438\u0439 500.1.x \u0438 500.0.x.\n\n\u041f\u0430\u0442\u0447\u0438 \u0443\u0436\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u2013 \u0440\u0435\u0448\u0438\u0442\u044c \u043e\u0431\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u043e\u043c\u043e\u0436\u0435\u0442 \u0438\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430.\n\n\u0422\u0438\u043f\u0438\u0447\u043d\u044b\u0439 \ud83e\udd78 \u0421\u0438\u0441\u0430\u0434\u043c\u0438\u043d", "creation_timestamp": "2023-11-12T05:03:11.000000Z"} {"uuid": "38513515-8a0e-45f7-bdc9-6f8791550cb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23369", "type": "seen", "source": "https://t.me/sysodmins/19998", "content": "\u0414\u0432\u0430 \u0431\u0430\u0433\u0430 \u0432 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0438 QNAP \u0443\u0433\u0440\u043e\u0436\u0430\u044e\u0442 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u0430\u043d\u043d\u044b\u0445\n\nQNAP \u2013 \u043e\u0434\u0438\u043d \u0438\u0437 \u043b\u0438\u0434\u0435\u0440\u043e\u0432 \u043f\u043e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0443 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449. \u041e\u0431\u044b\u0447\u043d\u043e \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0434\u043b\u044f \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0431\u043e\u043b\u044c\u0448\u0438\u0445 \u043e\u0431\u044a\u0435\u043c\u043e\u0432 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u043c\u0435\u0442\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b QTS, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0430\u0442\u0430\u043a\u0438.\n\n\u25aa\ufe0f CVE-2023-23368 (9.8 \u0431\u0430\u043b\u043b\u043e\u0432 \u0438\u0437 10) \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 QTS: 5.0.x \u0438 4.5.x, QuTS hero h5.0.x \u0438 h4.5.x, \u0430 \u0442\u0430\u043a\u0436\u0435 QuTScloud c5.0.1.\n\n\u25aa\ufe0f CVE-2023-23369 (9.0 \u0438\u0437 10) \u043a\u0430\u0441\u0430\u0435\u0442\u0441\u044f QTS \u0432\u0435\u0440\u0441\u0438\u0439 5.1.x, 4.3.6, 4.3.4, 4.3.3 \u0438 4.2.x, \u0430 \u0442\u0430\u043a\u0436\u0435 Multimedia Console 2.1.x \u0438 1.4.x, \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f Media Streaming \u0432\u0435\u0440\u0441\u0438\u0439 500.1.x \u0438 500.0.x.\n\n\u041f\u0430\u0442\u0447\u0438 \u0443\u0436\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u2013 \u0440\u0435\u0448\u0438\u0442\u044c \u043e\u0431\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u043e\u043c\u043e\u0436\u0435\u0442 \u0438\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430.\n\n\u0422\u0438\u043f\u0438\u0447\u043d\u044b\u0439 \ud83e\udd78 \u0421\u0438\u0441\u0430\u0434\u043c\u0438\u043d", "creation_timestamp": "2023-11-12T05:03:11.000000Z"} https://vulnerability.circl.lu/sighting/38513515-8a0e-45f7-bdc9-6f8791550cb4/export Sun, 12 Nov 2023 05:03:11 +0000 https://vulnerability.circl.lu/sighting/24336861-8603-448d-a52d-9e792f3dba94/export {"uuid": "24336861-8603-448d-a52d-9e792f3dba94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23368", "type": "seen", "source": "https://t.me/sysodmins/19998", "content": "\u0414\u0432\u0430 \u0431\u0430\u0433\u0430 \u0432 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0438 QNAP \u0443\u0433\u0440\u043e\u0436\u0430\u044e\u0442 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u0430\u043d\u043d\u044b\u0445\n\nQNAP \u2013 \u043e\u0434\u0438\u043d \u0438\u0437 \u043b\u0438\u0434\u0435\u0440\u043e\u0432 \u043f\u043e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0443 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449. \u041e\u0431\u044b\u0447\u043d\u043e \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0434\u043b\u044f \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0431\u043e\u043b\u044c\u0448\u0438\u0445 \u043e\u0431\u044a\u0435\u043c\u043e\u0432 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u043c\u0435\u0442\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b QTS, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0430\u0442\u0430\u043a\u0438.\n\n\u25aa\ufe0f CVE-2023-23368 (9.8 \u0431\u0430\u043b\u043b\u043e\u0432 \u0438\u0437 10) \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 QTS: 5.0.x \u0438 4.5.x, QuTS hero h5.0.x \u0438 h4.5.x, \u0430 \u0442\u0430\u043a\u0436\u0435 QuTScloud c5.0.1.\n\n\u25aa\ufe0f CVE-2023-23369 (9.0 \u0438\u0437 10) \u043a\u0430\u0441\u0430\u0435\u0442\u0441\u044f QTS \u0432\u0435\u0440\u0441\u0438\u0439 5.1.x, 4.3.6, 4.3.4, 4.3.3 \u0438 4.2.x, \u0430 \u0442\u0430\u043a\u0436\u0435 Multimedia Console 2.1.x \u0438 1.4.x, \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f Media Streaming \u0432\u0435\u0440\u0441\u0438\u0439 500.1.x \u0438 500.0.x.\n\n\u041f\u0430\u0442\u0447\u0438 \u0443\u0436\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u2013 \u0440\u0435\u0448\u0438\u0442\u044c \u043e\u0431\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u043e\u043c\u043e\u0436\u0435\u0442 \u0438\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430.\n\n\u0422\u0438\u043f\u0438\u0447\u043d\u044b\u0439 \ud83e\udd78 \u0421\u0438\u0441\u0430\u0434\u043c\u0438\u043d", "creation_timestamp": "2023-11-12T05:03:11.000000Z"} {"uuid": "24336861-8603-448d-a52d-9e792f3dba94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23368", "type": "seen", "source": "https://t.me/sysodmins/19998", "content": "\u0414\u0432\u0430 \u0431\u0430\u0433\u0430 \u0432 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0438 QNAP \u0443\u0433\u0440\u043e\u0436\u0430\u044e\u0442 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u0430\u043d\u043d\u044b\u0445\n\nQNAP \u2013 \u043e\u0434\u0438\u043d \u0438\u0437 \u043b\u0438\u0434\u0435\u0440\u043e\u0432 \u043f\u043e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0441\u0442\u0432\u0443 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449. \u041e\u0431\u044b\u0447\u043d\u043e \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0434\u043b\u044f \u0445\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0431\u043e\u043b\u044c\u0448\u0438\u0445 \u043e\u0431\u044a\u0435\u043c\u043e\u0432 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u043c\u0435\u0442\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b QTS, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u0435 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0430\u0442\u0430\u043a\u0438.\n\n\u25aa\ufe0f CVE-2023-23368 (9.8 \u0431\u0430\u043b\u043b\u043e\u0432 \u0438\u0437 10) \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 QTS: 5.0.x \u0438 4.5.x, QuTS hero h5.0.x \u0438 h4.5.x, \u0430 \u0442\u0430\u043a\u0436\u0435 QuTScloud c5.0.1.\n\n\u25aa\ufe0f CVE-2023-23369 (9.0 \u0438\u0437 10) \u043a\u0430\u0441\u0430\u0435\u0442\u0441\u044f QTS \u0432\u0435\u0440\u0441\u0438\u0439 5.1.x, 4.3.6, 4.3.4, 4.3.3 \u0438 4.2.x, \u0430 \u0442\u0430\u043a\u0436\u0435 Multimedia Console 2.1.x \u0438 1.4.x, \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f Media Streaming \u0432\u0435\u0440\u0441\u0438\u0439 500.1.x \u0438 500.0.x.\n\n\u041f\u0430\u0442\u0447\u0438 \u0443\u0436\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u2013 \u0440\u0435\u0448\u0438\u0442\u044c \u043e\u0431\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u043e\u043c\u043e\u0436\u0435\u0442 \u0438\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430.\n\n\u0422\u0438\u043f\u0438\u0447\u043d\u044b\u0439 \ud83e\udd78 \u0421\u0438\u0441\u0430\u0434\u043c\u0438\u043d", "creation_timestamp": "2023-11-12T05:03:11.000000Z"} https://vulnerability.circl.lu/sighting/24336861-8603-448d-a52d-9e792f3dba94/export Sun, 12 Nov 2023 05:03:11 +0000