QNAP NAS Remote Code Execution Vulnerabilities
Release Date:
14 Feb 2024
3496
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in QNAP NAS. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution on the targeted system.
Impact
- Remote Code Execution
System / Technologies affected
- QTS version prior to 5.1.0.2444 build 20230629
- QTS version prior to 5.0.1.2145 build 20220903
- QTS version prior to 5.0.0.1986 build 20220324
- QTS version prior to 4.5.4.2012 build 20220419
- QTS version prior to 4.3.6.2665 build 20240131
- QTS version prior to 4.3.4.2675 build 20240131
- QTS version prior to 4.3.3.2644 build 20240131
- QTS version prior to 4.2.6 build 20240131
- QuTS hero version prior to h5.1.0.2466 build 20230721
- QuTS hero version prior to h5.0.1.2192 build 20221020
- QuTS hero version prior to h5.0.0.1986 build 20220324
- QuTS hero version prior to h4.5.4.1991 build 20220330
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
Vulnerability Identifier
Source
Related Link
Related Tags
Share with