CVE-2023-39295: QuMagie
First published: Fri Nov 10 2023(Updated: )
An OS command injection vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: QuMagie 2.1.3 and later
Credit: security@qnapsecurity.com.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Qnap Qumagie | <2.1.4 |
Remedy
We have already fixed the vulnerability in the following version: QuMagie 2.1.3 and later
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this QuMagie vulnerability?
The vulnerability ID for this QuMagie vulnerability is CVE-2023-39295.
What is the severity of CVE-2023-39295?
The severity of CVE-2023-39295 is high with a CVSS score of 8.8.
How does CVE-2023-39295 affect QuMagie?
CVE-2023-39295 is an OS command injection vulnerability that affects QuMagie. It allows authenticated users to execute commands via a network.
What version of QuMagie has the vulnerability been fixed in?
The vulnerability has been fixed in QuMagie version 2.1.3 and later.
Where can I find more information about CVE-2023-39295?
You can find more information about CVE-2023-39295 in the QNAP Security Advisory QSA-23-50.
- collector/nvd-api
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/title
- agent/type
- agent/description
- agent/event
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/qnap
- canonical/qnap qumagie