QNAP NAS Multiple Vulnerabilities
Release Date: 25 Aug 2023
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in QNAP NAS. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure and security restriction bypass on the targeted system.
Impact
- Information Disclosure
- Security Restriction Bypass
System / Technologies affected
- QTS version prior to 4.5.4.2467 build 20230718
- QTS version prior to 5.0.1.2425 build 20230609
- QTS version prior to 5.1.0.2444 build 20230629
- QuTS hero version prior to h4.5.4.2476 build 20230728
- QuTS hero version prior to h5.1.0.2424 build 20230609
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor:
https://www.qnap.com/en/security-advisory/qsa-23-58
https://www.qnap.com/en/security-advisory/qsa-23-59
https://www.qnap.com/en/security-advisory/qsa-23-60
沒有留言:
發佈留言