QNAP NAS Multiple Vulnerabilities
Release Date:
25 Sep 2023
4299
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in QNAP NAS. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and data manipulation on the targeted system.
Impact
- Remote Code Execution
- Data Manipulation
System / Technologies affected
- QTS version prior to 4.3.6.2441 build 20230621
- QTS version prior to 4.3.4.2451 build 20230621
- QTS version prior to 4.3.3.2420 build 20230621
- QTS version prior to 4.2.6 build 20230621
- QTS version prior to 5.1.0.2348 build 20230325
- QuTS hero version prior to h5.1.0.2392 build 20230508
- QuTScloud version prior to c5.0.1.2374
- Multimedia Console version prior to 2.1.1 (2023/03/29)
- Multimedia Console version prior to 1.4.7 (2023/03/20)
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor:
https://www.qnap.com/en/security-advisory/QSA-23-12
https://www.qnap.com/en/security-advisory/QSA-23-25
https://www.qnap.com/en/security-advisory/QSA-23-29
Vulnerability Identifier
Source
Related Link
Related Tags
Share with