CVE-2023-47222 – This CVE describes a path traversal vulnerabili... (How to Fix)

Q: What is the severity of CVE-2023-47222?

CVE-2023-47222 has a CVSS score of 9.6 (CRITICAL). This CVE describes a path traversal vulnerability (CWE-22) in QNAP Media Streaming add-on that allows attackers to access sensitive files on the system. The vulnerability affects QNAP NAS devices running vulnerable versions of the Media Streaming add-on. Successful exploitation could lead to unauthorized access to system files and potentially compromise the entire NAS device.

📋 TL;DR

This CVE describes a path traversal vulnerability (CWE-22) in QNAP Media Streaming add-on that allows attackers to access sensitive files on the system. The vulnerability affects QNAP NAS devices running vulnerable versions of the Media Streaming add-on. Successful exploitation could lead to unauthorized access to system files and potentially compromise the entire NAS device.

💻 Affected Systems

Products:

QNAP NAS devices with Media Streaming add-on

Versions: All versions before Media Streaming add-on 500.1.1.5

Operating Systems: QTS (QNAP Turbo NAS Operating System)

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems with Media Streaming add-on installed and enabled. The vulnerability is present in the add-on itself, not the base QTS operating system.

📦 What is this software?

Media Streaming Add On by Qnap

View all CVEs affecting Media Streaming Add On →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise allowing attackers to access sensitive configuration files, user data, and potentially gain administrative control over the NAS device.

🟠

Likely Case

Unauthorized access to sensitive system files, configuration data, and potentially user media files stored on the NAS.

🟢

If Mitigated

Limited impact if proper network segmentation and access controls prevent external access to the Media Streaming service.

🌐 Internet-Facing: HIGH - QNAP NAS devices are often exposed to the internet for remote access, making them prime targets for exploitation.

🏢 Internal Only: MEDIUM - Internal attackers or compromised internal systems could exploit this vulnerability to escalate privileges or access sensitive data.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Path traversal vulnerabilities typically have low exploitation complexity. The advisory suggests network-based exploitation, indicating it may be exploitable without authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Media Streaming add-on 500.1.1.5 (released 2024/01/22) and later

Vendor Advisory: https://www.qnap.com/en/security-advisory/qsa-24-15

Restart Required: Yes

Instructions:

1. Log into QNAP NAS web interface. 2. Go to App Center. 3. Check for updates for Media Streaming add-on. 4. Update to version 500.1.1.5 or later. 5. Restart the Media Streaming service or the entire NAS if prompted.

🔧 Temporary Workarounds

Disable Media Streaming add-on

all

Temporarily disable the vulnerable Media Streaming service until patching is possible

Log into QNAP web interface > App Center > Media Streaming > Disable

Restrict network access

all

Block external access to Media Streaming service ports using firewall rules

Configure firewall to block incoming connections to Media Streaming service ports (default varies by configuration)

🧯 If You Can't Patch

Disable the Media Streaming add-on completely via App Center
Implement strict network segmentation to isolate the NAS device from untrusted networks

🔍 How to Verify

Check if Vulnerable:

Check Media Streaming add-on version in QNAP App Center. If version is earlier than 500.1.1.5, the system is vulnerable.

Check Version:

Log into QNAP web interface > App Center > Check Media Streaming add-on version

Verify Fix Applied:

Verify Media Streaming add-on version shows 500.1.1.5 or later in App Center and the service is running normally.

📡 Detection & Monitoring

Log Indicators:

Unusual file access patterns in Media Streaming logs
Multiple failed path traversal attempts in web server logs
Access to system files from Media Streaming service context

Network Indicators:

Unusual HTTP requests with '../' sequences to Media Streaming service
Traffic spikes to Media Streaming service from unexpected sources

SIEM Query:

source="qnap_nas_logs" AND ("../" OR "..\\" OR "%2e%2e%2f") AND process="media_streaming"

📊 Metadata

CVE ID: CVE-2023-47222

CVSS v3 Score: 9.6 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CWE: CWE-22

Published: April 26, 2024

Last Updated: December 5, 2025

🔗 References

https://www.qnap.com/en/security-advisory/qsa-24-15 Vendor Advisory
https://www.qnap.com/en/security-advisory/qsa-24-15 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-47222, you might also want to check these: