Headline
CVE-2023-23373: Vulnerability in QUSBCam2 - Security Advisory
An OS command injection vulnerability has been reported to affect QUSBCam2. If exploited, the vulnerability could allow users to execute commands via a network.
We have already fixed the vulnerability in the following version: QUSBCam2 2.0.3 ( 2023/06/15 ) and later
Security ID : QSA-23-43
Release date : October 21, 2023
CVE identifier : CVE-2023-23373
Affected products: QUSBCam2 2.0.x
Summary
An OS command injection vulnerability has been reported to affect QUSBCam2. If exploited, the vulnerability could allow users to execute arbitrary commands via a network.
We have already fixed the vulnerability in the following version:
Affected Product
Fixed Version
QUSBCam2 2.0.x
QUSBCam2 2.0.3 (2023/06/15) and later
Recommendation
To fix the vulnerability, we recommend updating QUSBCam2 to the latest version.
Updating QUSBCam2
- Log on to QTS or QuTS hero as administrator.
- Open the App Center and then click .
A search box appears. - Type “QUSBCam2” and then press ENTER.
QUSBCam2 appears in the search results. - Click Update.
A confirmation message appears.
Note: The Update button is not available if your QUSBCam2 is already up to date. - Click OK.
The application is updated.
Attachment
- CVE-2023-23373.json
Acknowledgements: a crixer
Revision History:
V1.0 (October 21, 2023) - Published