top of page

QNAP QTS and QuTS Hero Unauthenticated Command Injection (CVE-2023-47218)

Appliances Details

QTS is the operating system for all entry-level and mid-level QNAP NAS models. QuTS hero is the operating system for high-end and enterprise QNAP NAS models.


An OS command injection vulnerability has been reported to affect several QNAP (Quality Network Appliance Provider) operating system versions.


The use of the URL encoded double quote %22 can be used to perform the command injection. If exploited, the vulnerability could allow users to execute commands via a network.

POST /cgi-bin/quick/quick.cgi?func=switch_os&todo=uploaf_firmware_image

Content-Disposition: form-data; xxpcscma="field2"; zczqildp="%22$($(echo -n aWQ=|base64 -d)>a)%22"
Content-Type: text/plain



By turning this into a traffic file and matching rule, we are able to detect attempts to inject OS commands.


Idappcom have created signature 8024666 along with a traffic file for this vulnerability.


Traffic IQ

If you are concerned that your business may be at risk of this vulnerability or others why not try out our Traffic IQ software which can scan your defences and report any issues. Learn more here:


bottom of page