=====================================================================
CERT-Renater Information Note No. 2023/VULN531
_____________________________________________________________________

DATE                 : 12/12/2023
HARDWARE PLATFORM(S) : /
OPERATING SYSTEM(S)  : Systems running QTS versions prior to
                       5.1.0.2444 build 20230629, 5.0.1.2425 build 20230609,
                       4.5.4.2467 build 20230718, 5.1.2.2533 build 20230926,
                       5.0.1.2514 build 20230906; QuTS hero versions prior to
                       5.1.2.2534 build 20230927, 5.0.1.2515 build 20230907,
                       5.1.0.2424 build 20230609, 4.5.4.2476 build 20230728.
=====================================================================

https://www.qnap.com/fr-fr/security-advisory/qsa-23-07
https://www.qnap.com/fr-fr/security-advisory/qsa-23-40

_____________________________________________________________________

Security ID       : QSA-23-07
Multiple Vulnerabilities in QTS and QuTS hero
Release date      : December 9, 2023
CVE identifier    : CVE-2023-32968 | CVE-2023-32975
Affected products : QTS 5.1.x, 5.0.x; QuTS hero h5.1.x, h5.0.x
Severity          : Medium
Status            : Resolved

Summary

Two buffer copy without checking size of input vulnerabilities have been reported to affect several QNAP operating system versions. If exploited, these vulnerabilities could allow authenticated administrators to execute code via a network.

We have already fixed the vulnerabilities in the following versions:

Affected Product     Fixed Version
QTS 5.1.x            QTS 5.1.2.2533 build 20230926 and later
QTS 5.0.x            QTS 5.0.1.2514 build 20230906 and later
QuTS hero h5.1.x     QuTS hero h5.1.2.2534 build 20230927 and later
QuTS hero h5.0.x     QuTS hero h5.0.1.2515 build 20230907 and later

Please check this security advisory regularly for updates and promptly update your operating system to the latest recommended version as soon as it is available.

Recommendation

To secure your device, we recommend regularly updating your system to the latest version to benefit from vulnerability fixes.
You can check the product support status to see the latest updates available to your NAS model.

Updating QTS, QuTS hero, or QuTScloud

1. Log in to QTS, QuTS hero, or QuTScloud as an administrator.
2. Go to Control Panel > System > Firmware Update.
3. Under Live Update, click Check for Update.
   The system downloads and installs the latest available update.

Tip: You can also download the update from the QNAP website. Go to Support > Download Center and then perform a manual update for your specific device.

Attachment
CVE-2023-32968.json
CVE-2023-32975.json

Acknowledgements: Jiaxu Zhao && Bingwei Peng

Revision History:
V1.0 (December 09, 2023) - Published

_____________________________________________________________________

Security ID       : QSA-23-40
Vulnerability in QTS and QuTS hero
Release date      : December 9, 2023
CVE identifier    : CVE-2023-23372
Affected products : QTS 5.1.x, 5.0.x, 4.5.x; QuTS hero h5.1.x, h5.0.x, h4.5.x
Severity          : Medium
Status            : Resolved

Summary

A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to inject malicious code via a network.

We have already fixed or are currently fixing the vulnerability in the following versions:

Affected Product     Fixed Version
QTS 5.1.x            QTS 5.1.0.2444 build 20230629 and later
QTS 5.0.x            QTS 5.0.1.2425 build 20230609 and later
QTS 4.5.x            QTS 4.5.4.2467 build 20230718 and later
QuTS hero h5.1.x     QuTS hero h5.1.0.2424 build 20230609 and later
QuTS hero h5.0.x     QuTS hero h5.0.1.2515 build 20230907 and later
QuTS hero h4.5.x     QuTS hero h4.5.4.2476 build 20230728 and later

Please check this security advisory regularly for updates and promptly update your operating system to the latest recommended version as soon as it is available.

Recommendation

To secure your device, we recommend regularly updating your system to the latest version to benefit from vulnerability fixes.
You can check the product support status to see the latest updates available to your NAS model. In addition, for online activities, it's recommended to access the web through secure and trusted networks.

Updating QTS, QuTS hero, or QuTScloud

1. Log in to QTS, QuTS hero, or QuTScloud as an administrator.
2. Go to Control Panel > System > Firmware Update.
3. Under Live Update, click Check for Update.
   The system downloads and installs the latest available update.

Tip: You can also download the update from the QNAP website. Go to Support > Download Center and then perform a manual update for your specific device.

Attachment
CVE-2023-23372.json

Acknowledgements: YC of the M1QLin security team

Revision History:
V1.0 (December 09, 2023) - Published

=========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44            +
+ 23/25 Rue Daviel      | fax : 01-53-94-20-41            +
+ 75013 Paris           | email:cert@support.renater.fr   +
=========================================================
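A check of a running firmware version against the fixed builds listed in both advisories above, as an added example (not QNAP's or CERT-Renater's code): it assumes the "X.Y.Z.W build YYYYMMDD" string format printed in the tables, takes the branch from the first two version components (with the "h" prefix for QuTS hero), and reports a branch that an advisory does not list as "unlisted" rather than treating it as safe.

```python
import re

# Fixed builds copied from the QSA-23-07 and QSA-23-40 tables above,
# keyed by advisory, then (product, branch) -> ((X, Y, Z, W), build_date).
FIXED = {
    "QSA-23-07": {
        ("QTS", "5.1"): ((5, 1, 2, 2533), 20230926),
        ("QTS", "5.0"): ((5, 0, 1, 2514), 20230906),
        ("QuTS hero", "h5.1"): ((5, 1, 2, 2534), 20230927),
        ("QuTS hero", "h5.0"): ((5, 0, 1, 2515), 20230907),
    },
    "QSA-23-40": {
        ("QTS", "5.1"): ((5, 1, 0, 2444), 20230629),
        ("QTS", "5.0"): ((5, 0, 1, 2425), 20230609),
        ("QTS", "4.5"): ((4, 5, 4, 2467), 20230718),
        ("QuTS hero", "h5.1"): ((5, 1, 0, 2424), 20230609),
        ("QuTS hero", "h5.0"): ((5, 0, 1, 2515), 20230907),
        ("QuTS hero", "h4.5"): ((4, 5, 4, 2476), 20230728),
    },
}

# Assumed format "[h]X.Y.Z.W build YYYYMMDD", as printed in the advisory.
_VER_RE = re.compile(r"^h?(\d+)\.(\d+)\.(\d+)\.(\d+)\s+build\s+(\d{8})$")


def parse_version(text):
    """'5.1.2.2533 build 20230926' -> ((5, 1, 2, 2533), 20230926)."""
    m = _VER_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised QNAP version string: {text!r}")
    nums = [int(x) for x in m.groups()]
    return tuple(nums[:4]), nums[4]


def advisory_status(product, version_text):
    """Per advisory: 'fixed', 'vulnerable' or 'unlisted' for the running
    version. Version tuple is compared first, build date breaks ties."""
    ver, build = parse_version(version_text)
    prefix = "h" if product == "QuTS hero" else ""
    branch = f"{prefix}{ver[0]}.{ver[1]}"
    status = {}
    for qsa, table in FIXED.items():
        fixed = table.get((product, branch))
        if fixed is None:
            status[qsa] = "unlisted"   # no fix row for this branch: not proven safe
        else:
            status[qsa] = "fixed" if (ver, build) >= fixed else "vulnerable"
    return status
```

Running `advisory_status("QTS", "5.1.0.2444 build 20230629")` reports QSA-23-40 fixed but QSA-23-07 still vulnerable, which matches the two tables.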