QNAP NAS Multiple Vulnerabilities
Release Date: 9 Dec 2024
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in QNAP NAS. A remote attacker could exploit some of these vulnerabilities to trigger security restriction bypass, denial of service condition, remote code execution, sensitive information disclosure and data manipulation on the targeted system.
Impact
- Remote Code Execution
- Denial of Service
- Information Disclosure
- Data Manipulation
- Security Restriction Bypass
System / Technologies affected
- QTS 5.1.x
- QuTS hero h5.1.x
- QTS 5.2.x
- QuTS hero h5.2.x
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
Vulnerability Identifier
- CVE-2024-48859
- CVE-2024-48865
- CVE-2024-48866
- CVE-2024-48867
- CVE-2024-48868
- CVE-2024-50393
- CVE-2024-50402
- CVE-2024-50403
沒有留言:
發佈留言