QNAP NAS Remote Code Execution Vulnerabilities
Release Date: 28 Apr 2022
RISK: High Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in QNAP NAS. A remote user can exploit these vulnerabilities to trigger remote code execution on the targeted system.
Impact
- Remote Code Execution
System / Technologies affected
- QTS 5.0.x and later
- QTS 4.5.4 and later
- QTS 4.3.6 and later
- QTS 4.3.4 and later
- QTS 4.3.3 and later
- QTS 4.2.6 and later
- QuTS hero h5.0.x and later
- QuTS hero h4.5.4 and later
- QuTScloud c5.0.x
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- QNAP is investigating the case and will release security updates. For detail, please reference https://www.qnap.com/en/security-advisory/qsa-22-12
沒有留言:
發佈留言